Vacancy caducado!
Information Security Engineer Overview: The Information Security Engineer who delivers security solutions across the platform and products. The Staff Information Security Engineer regularly consults the Security and Risk team and other areas to help interpret and communicate risk. The Information Security Engineer is detail-oriented, loves to take risks, and constantly challenges assumptions. This is a hands-on technical role Expectations:
- Provide guidance and oversight to team members for security related activities (best practices, identify gaps and vulnerabilities, communicate architecture and strategy, etc.) for a team of 20+ software engineers and developers. Team members are located across the globe in North America, Europe, and Eastern Hemisphere.
- Be able to understand high-level dependencies between technology components that underpin the strategic platform, and identify when those dependencies raise security concerns.
- Provide an interface between Security and Platform development teams for technical security projects.
- Create strategies, controls and architecture specifically for the platform solution, including REST APIs, web and mobile applications, and database endpoint security.
- Maintain the organization's data loss prevention and security information and event management solutions.
- Optimize technologies and processes for Information Security Analysts.
- Own the end-to-end security of the platform, clients applications, and database instances in the Cloud and On-Premise.
- Conduct information security risk assessments based on industry standards (NIST, ISO, SANS Critical Security Controls).
- Respond to advisory service requests to address and answer client questions and/or needs.
- Provide information security management and strategy guidance to assist in development of client information security programs.
- Write and deliver reports detailing our assessment observations and associated recommendations for information security program development to help the client meet security and compliance standards.
- Assist the Solution Manager towards operating all compliance auditing, reporting, and change management practices to meet internal and external compliance requirements.
- ITIL Service Management Foundation
- AWS Certified Solutions Architect, at the Associate level
- ISC2, GIAC or other security certification
- Practical knowledge of any combination of PCI-DSS, GLBA, HIPAA and state/federal privacy laws
- AWS Certified Security - Specialty
- Excellent writing, organizational, interpersonal and communication skills.
- Able to maintain strict confidentiality.
- Able to think analytically and a high sense of urgency.
- Able to look at all situations objectively and a love for challenging assumptions.
- Able to work independently without supervision.
- Understanding of and practical experience with internal certificate authorities, Microsoft Windows preventive and detective controls, Microsoft Active Directory design/architecture and security, data loss/leak prevention and multi-factor authentication.
- Understanding of network design, encryption/PKI, mobile security, network security technologies and vulnerability management.
- Comfort with working in a fast-paced, startup-style environment.
- 5+ years of experience in a technical information technology role.
Vacancy caducado!