Desired Skills and Experience

  • Integrate with internal engineering teams providing frameworks to build, design, and implement products across the organization securely
  • Review new and existing products and services for vulnerabilities
  • Assess the health and security of internal network architectures
  • Analyze and prioritize reports from external researchers; facilitate confirmed issues to resolution with engineering teams
  • Assist in the prompt investigation of security incidents and be prepared to isolate and remediate incidents pursuant to established procedures
  • Assist in the design and delivery of disaster recovery plans that meet compliance related recovery objectives
  • Provide training to the Vivid Seats community, fostering a security best practice culture
  • Support and assist in developing ongoing roadmap for security related projects
  • 3+ years of combined experience in information security, technology, and risk management with at least 1 year experience focusing on information security
  • Extensive knowledge of current and emerging IT security technologies and techniques covering all levels of cloud and local IT architecture
  • Understanding of application security concepts (such as the OWASP top 10) with the ability to articulate concepts to technical and non-technical staff
  • Vulnerability management experience across multiple operating systems, databases, and applications, remediating issues with technical staff
  • Knowledge of disaster recovery and business continuity principles and practices
  • Experience in TCP/IP networking, firewalls and virtual private networks (VPN)
  • Understanding of current encryption standards and implementation procedures
  • Ability to work with engineering teams to weigh business risks and enforce appropriate security measures in support of a Continuous Integration / Continuous Deployment environment
  • Experience with incident management and threat remediation including threat analysis, isolation, identification, and eradication
  • Ability to handle multiple complex, long term projects simultaneously
  • Knowledge and experience with control frameworks such as ISO, NIST, CobiT, and PCI
  • Passion for technology and information security
  • B.A. or B.S. in Computer Science, Information Management, or relevant field
  • CISSP is a plus