The Info Security Engineer III will support the Dir IT Security Engineering and Chief Information Security Officer (CISO) to provide the highest quality of information protection and assurance solutions to customers and business partners.
The primary responsibility of this position is to participate in development efforts and ongoing support of the information security program.
This includes participation in the planning, deployment, and support of a variety of security concepts and technologies, PCI / SOX compliance, managing outsourced cloud security functions and internet fraud prevention.
Operates network and computing devices / systems that enforces security policies and audit controls.
Provides engineering services, security consulting and leadership on select projects.
Researches emerging technologies in support of ongoing security practice and enhancement.
Provides engineering support for security operations team, service desk and escalation tiers.
Performs hands-on engineering support of wide range of security technologies.
Assists in remediation and responses to audits, vulnerability assessments and penetration tests.
Participates in security architecture and consulting with other IT teams.
Assists in developing and analyzing security-related metrics.
Assists in developing and updating processes and procedures with a focus on automation.
Participates in problem analysis and incident response and participate in activities required by internal and external audit.
Performs other duties as assigned.
Bachelors Degree in Computer Science or related field; or equivalent post high school education and / or work related experience.
GIAC, CISSP, CISA, or CISM certifications preferred.
5-7 years identity and access management experience.
5-7 years of experience in Information Security.
Ability to function as a consultant to other business units on security matters as a recognized subject matter expert.
Proven ability to make decisions based on the given data in a timely fashion.
Ability to influence those outside of the department to drive desired business results.
Proven experience managing numerous projects and activities simultaneously.
Functional understanding of TCP / IP networks, load balancers, and Firewalls, functional / advanced understanding of database concepts, Scripting and Programming.
Ability to relate internal policies and regulatory requirements to business requirements.
Experience mentoring junior and mid-level engineers.
Experience in working with compliance and regulatory program requirements.
Experience deploying and / or supporting a SIEM solution.
Experience analyzing network, event and security logs.
Proven project management and organizational skills, specifically managing multiple concurrent projects.
Excellent analytical, problem solving and decision making skills, applied with a solution-focused attitude.
Excellent written communication skills, demonstrating the ability to write with purpose, clarity, and accuracy.
Strong self-directed work habits, exhibiting initiative, drive, creativity, maturity, self-assurance and professionalism.
Experience with QA (usability testing, performance testing, automated testing, test scripts, test cases and test plans) preferred.