Security Engineer iContact

Our purpose is to create value for our customers, employees, community, and shareholders, while having fun and serving as a model for what a high-growth venture-backed company can become in terms of social and environmental responsibility. iContact's mission is to make online marketing easy so that companies and causes can succeed and grow.

Founded in 2003, iContact is a venture-backed 250+ person company based in Morrisville, NC, that provides on-demand software that simplifies email marketing. The iContact product is the leading email marketing platform used by over 70,000 companies worldwide ranging from small businesses to blue chip clients.

Why you want to work here

Dont want to use the elevator Dont worry we have a slide Stuck in a workday rut We have monthly massages and a game room equipped with, Rock Band, Foosball, Wii, Ping Pong Want to be part of a company that believes in more than just making money We are green, socially responsible and a certified B Corporation Got the Monday morning blues We have free bagels every Monday We also provide free drinks, monthly birthday cake, quarterly company lunches, and a creative and fun work environment iContact was named one of the Best Places to Work in the Triangle by the Triangle Business Journal in 2007, 2008, and 2009.

We are looking for a person who...


...takes pride in the ability of their team to keep things running

...never satisfied with past accomplishments

...enjoys being the go-to guy for answers

...collaborates to produce the best solutions and communicate ideas clearly

...takes the initiative to solve problems they identify

...thrive in a fast paced environment

is a little schizophrenic - manage both internal and external facing applications


If this sounds like you, we have a position that you want to check out


iContact is looking to expand their Security team to work with Infrastructure team to deploy, manage and maintain all security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography systems, and anti-virus software.


Primary Responsibilities:

This is not a pigeonholed position in firewall administration, identity management, etc. The ideal candidate will be a jack of all trades individual with foundational understanding in many security domains; an energetic individual with a passion for security.

Work with appropriate teams to manage connection security for all company production systems, local area networks, and all internal corporate systems, including e-mail and intranet systems.

Ensure the integrity and confidentiality of information residing in all production and corporate databases, servers, workstations, and other systems.

Ensure the security of databases and data transferred both internally and externally.

Work with internal teams to maintain and audit PCI, SOX, EU Safe Harbor, etc compliance.

Assess need for any security reconfigurations and work with the appropriate teams to execute them if required.

Design, perform, and/or oversee vulnerability assessment of all systems in order to identify system vulnerabilities.

Develop, implement, maintain, and oversee enforcement of all IT security policies, procedures and associated plans for system security administration and user system access based on industry-standard best practices and legal compliance.

Recommend, schedule, and work with appropriate teams to apply fixes, security patches, disaster recovery procedures, and any other measures required in the event of a security breach.

Keep current with emerging security alerts and issues.

Conduct research on emerging products, services, protocols, and standards in support of security enhancement and development efforts.

Propagate security awareness among employees, contractors and the appropriate vendors.

Interact and negotiate with vendors, outsourced providers, and contractors to obtain protection services and products.

Download and test new security software and/or technologies.

Work with MIS to audit end user accounts, permissions, and access rights.

Design, implement, and report on security system and end user activity audits.

Monitor server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interpret activity and make recommendations for resolution.

Recommend, schedule, and assist in performing security improvements, upgrades, and/or purchases.

Monitor VPNs, server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interpret activity and implement plans for resolution.

Control user logon procedures and password management practices.

Provide on-call security support for all systems and to all end users.

Forensic analysis of security events.


Requirements:

Degree in Networking, Computer Science, Information Technology, or related work experience (relevant experience - field preferred and education may be considered in lieu of a degree).

At least 5 years work experience in a security related position such as Operations, or Infrastructure support roles.

Intuition and keen instincts to anticipate attacks.

High level of analytical and problem-solving abilities.

Broad hands-on knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices.

Experience with devices such as switches and routers.

In-depth technical knowledge of network and platform operating systems, including Linux, Windows and Mac OS X.

Working technical knowledge of current systems software, protocols, and standards.

Strong knowledge of TCP/IP, and other network protocols, including vulnerabilities and solutions.

Strong knowledge of applicable practices and laws relating to data privacy and protection.

Ability to conduct research into security issues and products as required.

Knowledge of IT law enforcement practices and procedures.

Strong understanding of the organizations goals and objectives.

Strong interpersonal and oral communication skills.

Ability to communicate ideas and solutions to non-technical people.

Ability to maintain confidentiality with sensitive customer and internal information.

Highly self motivated and directed.

Strong organizational skills and excellent attention to detail.

Ability to effectively prioritize and execute tasks in a high-pressure environment.

Experience working in a team-oriented, collaborative environment.

Certifications such as CISSP, CCSP, Security+, GSE, GIAC or similar desirable.

Location:	2635 Meridian Parkway Suite 200 Durham, NC 27713 United States