Desired Skills and Experience

  • Ensure systems and sensitive information are protected from internal and external unauthorized access, modification, deletion or disclosure in compliance with major industry policies, standards, and security best practices.
  • Designing, map, configure, and implement security solutions for various commercial information security tools aligning with business requirements appropriate per accepted risk level.
  • Work with a variety of security efforts that span application and network level initiatives.
  • Partner with Network, Application, DevOps, and Systems Engineers and Architects as well as impacted business units as a technical advisor and champion of your domain in information security. Provide guidance to security analysts, project managers, and engineering units on your tool’s configuration, functionality, and environmental impact.
  • Assess and identify attack vectors. Bring additional control to the threat surface area and mitigate vulnerabilities through suggesting and implementing appropriate tool thresholds and building additional capability.
  • Hands on installation, configuration and support of security related hardware and software such as Certificate Management, Enterprise Anti-Virus/Malware, Data Loss Prevention, File Integrity Monitoring, Security Auditing, and Vulnerability Management applications and systems.
  • Passion about new technology and motivation to drive it from ideation through deployment and integration to fully automated and operationalized security asset.
  • Some basic automation knowledge for integration, data collection, scripting and reporting tasks.
  • Knowledge or work in incident response activities for network intrusions, virus infections, and internal security violations.
  • Knowledge or work assessing risks and providing innovative countermeasures and solutions that balance security and business requirements.
  • Significant information security experience on Windows, Unix, and Linux platforms.
  • Significant IT infrastructure or networking proficiency and experience that could include one or more of: Encryption, Tokenization, Forensics/eDiscovery, Penetration Testing, Firewalls (OS, WAF), Proxies, Routers, Gateways, VPN.
  • Foundational understanding of several enterprise environment technologies including servers, databases, networking, applications, services, and hybrid platforms.
  • Understanding of some of the controls and policy standards in our current legal and regulatory environments such as PCI, SOX, HIPAA, GLBA, NIST, etc.
  • Penetration Testing experience a plus.
  • CISSP or other industry certifications a plus.

Apply