Information Security Engineer within Information Security organization represents a dynamic opportunity to help the organization in assessing, implementing, and improving information security software, tools, and processes.
The candidate will be required to assist in identifying gaps in current security posture, and introduce appropriate security controls to address these gaps.
You will be playing a significant part in our Global Information Security Engineering team and will be coordinating efforts with the Security Architecture and across the Information Security Organization and business units at IQVIA.
You will also find yourself working together with other members of the IQVIA Information Security team, and liaising regularly with other teams at IQVIA, including CIO organization, as well as Global and Regional Business Units.
This is an opportunity to join and progress with a forward thinking department.
Assist with identification of gaps and areas of improvement of current IQVIA security controls
Evaluate tools, develop use cases, and document effectiveness of new tools and technologies to meet those use cases
Assist with Information Security Operations incidents as required
Design, implement and improve IQVIA Information Security controls
Upon request provide consultative advice ensuring security design for systems aligns with business needs and the company's overall security governance
Coordinate and execute product evaluations, POCs, technical security controls implementation and operationalization
Employ risk based approach in control selection and implementation
Provide input into creating security standards and procedures
Keep abreast with current security threats, trends and controls
Engage and work with vendors on projects and current security controls improvement
Support IQVIA business projects providing Information Security Expertise and knowledge for applicable security controls.
Document and maintain designs for the new and / or improved security controls as well as contribute to the documentation and work instructions for the Security Operations personnel
REQUIRED KNOWLEDGE, SKILLS AND ABILITIES :
Knowledge of information security concepts and best practices, as well as ability to apply these concepts into the business
Expertise in a system / network administration role supporting multiple platforms and applications
Design, implement and monitor security controls to protect computer systems, networks and all three aspects of confidentiality, integrity and availability
Identify and define system security requirements
Detailed technical knowledge of database, operating system and network security
Knowledge and experience with three or more of the following technologies and associated processes :
Next Generation Firewalls
Intrusion Detection / Prevention Systems
Data Security : Data Classification and Data Loss Prevention
Endpoint Detection and Response
Security information and event management (SIEM) solutions
Network Access Control
Cloud Access Security Broker
Knowledge of Cloud Architecture and Security (AWS, Azure)
Knowledge of Business Continuity Planning, Disaster Recovery, and High Availability architectures
Thorough understanding of cryptography
Strong analytical and problem-solving skills
Excellent oral and written communication skills; Ability to communicate security issues to various audiences
MINIMUM REQUIRED QUALIFICATIONS
Deep and wide experience in Information Technology and Information Security
BSc in Computer Science, Information Technology, Information Security, or a related field; MSc preferred but not required
At least one industry specific certification (CISSP, CISM, CISA, etc.) required