We are looking for the Security Engineer who will define, implement, and maintain security systems and processes to detect, access, and mitigate electronic threats to the companies computing environment. Security Engineer will work within the Information Security Team and the Information Systems department to assure compliance with State and Federal laws, PCI-DSS and organizational policies and standards. He/she will evaluate external information from providers as it relates to the threat posture of the company. Security Engineer will provide technical information security leadership companywide in the assessment, planning, design, and implementation of appropriate information security architecture, processes, products, controls, and/or projects requiring significant or advanced expertise. He/she will support the core functions of the security operations team and oversee internal and external vulnerability and penetration tests. Security Engineer will provide security guidance and consultation to other company areas as requested.
This position is full-time. The employee is expected to work 40 hours weekly, Mon-Fri.
Key Job Responsibilities
Provides analytical and technical security recommendations to other team members, oversight boards, and clients. Identifies requirements, based upon need or as the result of a security issue that puts organizations systems at risk.
Perform network penetration, web application testing, source code reviews, threat analysis, wireless network assessments, and social engineering assessments
Meets with clients and management to help specify and negotiate application security requirements, reviews current policies and procedures for applicability, and system OS security patch levels, and ensures safe transition of applications to production
Develops technology to automate security monitoring
Develop, debug, test, and support the certification process
Create, maintain, and document security baselines
Evaluate and recommend secure remote configurations
An active member in technical workgroups to recommend effective security configurations and architecture
Liaison to the Enterprise Architect, WAN, LAN, and Enterprise Management Teams to effectively communicate and architect security solutions
Develops documentation to support ongoing security systems operations, maintenance, and specific problem resolution
Works with and coordinates appropriate IT staff to implement solutions that will meet or exceed customer expectations
Provide risk analysis for vulnerabilities, incidents, and change requests
Functions as technical lead during a security incident response
Well versed in the information security issues affecting financial service organizations and cloud-based application service providers.
Web application penetration testing experience identifying architectural design weaknesses from analyzing a web application
Implementing PKI components in a network, application and architecture and authentication capabilities of Windows, UNIX, Linux, Apple and middleware
Experience with database technologies, architectural reviews and PCI-DSS.
Specific Security related experience included Data-at-rest encryption, certificate validation, IDS/IPS, Firewalls, SEIMs and Log Management, syslog analysis, HTTP and TCP/IP analysis, and vulnerability assessment to include; cross-site scripting, SQL injection, cross-site request forgery, HTTP response splintering, the OWASP Top 10 and SANS Top 25.
Bachelor degree in information security, information assurance, computer science, management information systems, computer information systems, or a related discipline.
Possess at least one of the following professional designations (or one of similar stature):
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information System Auditor (CISA)
Certified Information Security Manager (CISM)
Certified in the Governance of Enterprise Information Technology (CGEIT)
Demonstrated excellent interpersonal skills.
Ability to interface effectively with all levels of employees/management.
Ability to stay focused to ensure that projects are completed accurately and on time.
Demonstrated excellent organizational skills
Ability to prioritize and complete multiple interdepartmental tasks in a timely fashion.
Excellent verbal and written communication skills in English
What we offer:
Highly talented, professional, and friendly team and great working environment
The ability to use cutting edge technologies
Possibility for personal and professional growth
Flexible working hours
Private Health Insurance
Free soft drinks, fruit, tea, and coffee
Full remote until July 2022, after that 2 days WFH/week
If you are interested in this position, please send a covering letter and CV in English!
email@example.com:~# Helloworld.rs koristi kolačiće kako bi ti pružao najbolje korisničko iskustvo. Nastavkom korišćenja
sajta smatraćemo da imamo saglasnost sa korišćenjem kolačića. Više o kolačićima možeš pročitati ovde.