Sr. Security Engineer, Enterprise Information Security
SR. SECURITY ENGINEER SKILLS & RESPONSIBILITIES
• Act as a trusted technical advisor with key security stakeholders at all levels of the organization for a variety of information security projects that arise from current business and technological developments
• Hands-on experience supporting network, operating system, database, application & data layers across multiple platforms and technologies
• Ability to assess risks and provide innovative countermeasures and solutions that appropriately balance security and business requirements
• Ability to step into an uncontrolled space and bring security structure
• Provide guidance to security analysts, PMs, business partners and IT leadership when new projects are introduced to the business or new risks are identified
SECURITY DESIGN ASSESSOR
• Ability to consult internally with Sr. Engineers (Application, Network, DevOps) to apply security principles and best practices that meet business objectives
• Experience controlling the threat surface area, identifying attack vectors, vulnerabilities and establishing appropriate controls. Can build a threat model
• Evaluation & assessment of compliance to a regulation, law or policy using industry standard methodologies (ISO27001, COBIT, NIST, etc.) in an enterprise environment
• Evaluate, recommend, and implement commercial hardware and software security products to augment and enhance the Company enterprise security program
• Hands-on experience installing, configuring, and supporting security related hardware and software such as Certificate Management, Remote Connection, Network Protection, Data Loss Prevention, File Integrity Monitoring, Security Auditing & Logging, and Vulnerability Management
• Ability to learn a new technology and drive it from ideation through deployment and integration to fully automated and operationalized
• Ability to automate basic integration, data collection, scripting and reporting tasks via secure coding standards
• Ability to work on multiple tasks simultaneously, set priorities, communicate delivery expectations, and meet deadlines
• Innovative, collaborative and able to solve problems independently
• Able to work within the team to build measurable, repeatable processes
• Strong verbal and written communication skills
• 5+ years of IT infrastructure proficiency and experience that could include one or more of: Encryption, Tokenization, Forensics/eDiscovery, Penetration Testing, Firewalls (OS, WAF), Proxies, Gateways, Routers, VPN, Application Security SAST/DAST, etc
• 5+ years information security experience preferred
• Proven ability to assess and influence capital project design and delivery decisions
• Proven ability to assess, recommend, deploy and integrate Information Security tools
• Foundational understanding of several enterprise environment technologies
• Working knowledge and experience in multiple ISC2 security domains
• Familiarity with current legal and regulatory requirements around information security and privacy, including PCI, SOX, HIPAA, GLBA, etc
• Ethical Penetration Testing experience preferred
• Available for work in Bellevue, WA
• CISSP Preferred
Thanks & Regards
28411 Northwestern Hwy, Suite 640, Southfield, Mi 48034
Tel: 248 415 4550
You received this message because you are subscribed to the Google Groups " c2c jobs usa" group.
To unsubscribe from this group and stop receiving emails from it, send an email to email@example.com.
To post to this group, send email to firstname.lastname@example.org.
Visit this group at https://groups.google.com/group/c2cjobsusa.
For more options, visit https://groups.google.com/d/optout.