Senior Information Security Engineer


MUST-HAVES

  • 5+ years of hands-on technical experience designing, implementing, and supporting information security solutions in enterprise and cloud environments
  • Manage all information security capabilities including threat management, vulnerability management and incident management
  • Experience with Linux, Windows and Mac OS X operating systems
  • CISSP or SANS GIAC certification

                               NICE-TO-HAVES

  • AWS
  • coming from a ".com" company
  • has maintained production for products
  • DevOps/DevSecOps- secure automation
  • Responsible for planning, implementing, and coordinating risk management, risk mitigation and recovery programs within their areas of responsibility. Oversees ongoing compliance efforts across technology, developing and providing controls, standards, process improvement recommendations, technical guidance, leadership, awareness, and education on compliance and information security practices.

    JOB RESPONSIBILITIES:

    • Provide security advisory services support by recommending improvements in information security systems, procedures and processes based on industry best practices and innovative thinking
    • Define requirements, based on the overall information security strategy, and implement capabilities to comply with established standards to help mitigate security risks
    • Provide responses to customer security questionnaires and internal and external auditors regarding information security capabilities and controls
    • Monitor for security incidents and participate in incident response teams to contain, investigate, and prevent future information security incidents
    • Understand current and emerging security threats and design security capabilities to mitigate threats where possible
    • Stay abreast of new security technologies and integrate them into the security architecture design where appropriate
    • Analyze IT projects and roadmaps and identify security dependencies and risks, and design solutions to remediate information security risks
    • Manage all information security capabilities including threat management, vulnerability management and incident management
    • Design, implement and test information security controls in enterprise, cloud, and product environments
    • Write and enforce information security policies, standards, guidelines and standard operating procedures
    • Participate in internal Red Team activities

    JOB QUALIFICATIONS

    • A proven track record of delivering results
    • Advanced interpersonal and communication skills with the ability to collaborate effectively in a team environment and promote ideas at various levels of the organization
    • Strong self-directed work habits exhibiting initiative, drive, creativity, maturity, self-assurance, professionalism and the ability to autonomously manage multiple concurrent projects
    • Advanced analytical and decision-making skills
    • Minimum of 7 years of hands-on technical experience designing, implementing, and supporting information security solutions in enterprise and cloud environments
    • Expert-level knowledge of security principles and technologies in application, infrastructure, network, cloud and endpoint security
    • Experience working with security vendors to evaluate products, analyze security functionality and submit feature requests
    • Experience with Linux, Windows and Mac OS X operating systems
    • Previous consulting or sales engineering experience is ideal
    • Bachelor's degree (Master's degree is ideal) in computer science or equivalent experience
    • CISSP or SANS GIAC certification. Please click contact page, if you are interested.