Senior Information Security Engineer

Recruits Lab - Philadelphia, PA

MUST-HAVES

  • Experience in incident response activities in addition to general information security duties
  • certification such as CISSP
  • Minimum 7 years which includes applications security
  • Background working in cloud environment
  • Experience with scripting languages

 

NICE-TO-HAVES

 

  • Experience with code scanning tools
  • Member of OWASP

 

DESCRIPTION OF DUTIES

 

We believe human ingenuity can transform the world and improve our future. That’s why we harness our global reach, curate our content, and invest in best-in-class technology and people.

Join the team that is improving the way the world creates, protects, and advances innovation.

The Information Security team is looking for a key member either in Philadelphia or San Francisco to build the ISRM roadmap and run security capabilities. This individual will posses experience in threat, vulnerability and incident management and from a cloud environment.

Job Responsibilities:

    • Provide security advisory services support by recommending improvements in information security systems, procedures and processes based on industry best practices and innovative thinking
    • Define requirements, based on the overall information security strategy, and implement capabilities to comply with established standards to help mitigate security risks
    • Provide responses to customer security questionnaires and internal and external auditors regarding information security capabilities and controls
    • Monitor for security incidents and participate in incident response teams to contain, investigate, and prevent future information security incidents
    • Understand current and emerging security threats and design security capabilities to mitigate threats where possible
    • Stay abreast of new security technologies and integrate them into the security architecture design where appropriate
    • Analyze IT projects and roadmaps and identify security dependencies and risks, and design solutions to remediate information security risks
    • Manage all information security capabilities including threat management, vulnerability management and incident management
    • Design, implement and test information security controls in enterprise, cloud, and product environments
    • Create and champion information security policies, standards, guidelines and standard operating procedures
    • Participate in internal Blue and Red Team activities

    Job Qualifications

    • Proven track record for delivering results
    • Minimum of 7 years of hands-on technical experience designing, implementing, and supporting information security solutions in enterprise and cloud environments
    • Strong, customer-oriented communication style with the ability to collaborate across a global team environment
    • Strong self-directed work habits exhibiting initiative, drive, creativity, maturity, self-assurance, professionalism and the ability to autonomously manage multiple concurrent projects
    • Advanced analytical and decision-making skills
    • Experience working in or with lean, agile, or devops-oriented teams
    • Expert-level knowledge of security principles and technologies in application, infrastructure, network, cloud and endpoint security
    • Experience working with security vendors to evaluate products, analyze security functionality and submit feature requests
    • Experience with Linux, Windows and Mac OS X operating systems
    • Fluent in one of the following and experienced in two: Java, Javascript, Python, AngularJS, Ruby, Shell, C++, C#, .NET, php, SQL
    • Expert level understanding of source control tools and CI/CD tools
    • Expert level understanding of the AWS platform
    • Previous consulting or sales engineering experience is ideal
    • Bachelor’s degree (Master’s degree is ideal) in computer science or equivalent experience
    • CISSP or SANS GIAC certification


     



    Posted On: Friday, December 6, 2019



    Apply to this job
    or