Senior Security Engineer iContact
THIS JOB HAS EXPIRED Vocus, Inc. is a leading marketing cloud provider that helps businesses reach and influence buyers across social networks, online and through media. Vocus provides an integrated suite that combines social marketing, search marketing, email marketing and publicity into a comprehensive solution to help businesses attract, engage and retain customers. Vocus software is used by more than 120,000 organizations worldwide and is available in seven languages. Vocus is based in Beltsville, MD with offices in North America, Europe and Asia.
Role and Responsibilities:
Systematically examine the organization's information security risks and vulnerabilities, taking account of related threats to determine and communicate the current state of the security controls in-place and a plan to remediate any findings.
Institute and maintain IT security standards, coordinate security assessment services delivery, and provide in-depth consultative analysis on any existing or new security solutions, problems, or issues.
Implement/maintain a coherent and comprehensive standards based suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; adopt an overarching management process to ensure that the controls in-place continue to meet the organization's information security needs and compliancy requirements on an ongoing basis
Provide lead consulting services covering topics such as security management practices, assessment methodology, access controls, vulnerability management, secure development practices, operational security, key management, and cryptography.
Aid in the development, preparation, maintenance and execution of security policies, procedures, risk assessment reports, system security plans, risk mitigation plans, contingency plans, disaster recovery plans, security tests and evaluations and Plans of Action and Milestones.
Conduct regular audits to ensure that systems are being operated securely and in adherence to documented policies and procedures.?
Counsel and provide leading technical expertise to root cause investigations of security incidents.
Initiate, facilitate, and promote activities to create ongoing information security awareness within the organization; coordinate and manage the organization?s annual Security Awareness Training program.
Communicate in both oral and written form the impact of a security risk to all levels within the organization.
Represent the organization as the information security POC for clients, assisting them with requests for information regarding security standards and implementation within our products and company.
Qualifications and Education Requirements:
Bachelor?s degree with 5-8+ years total relevant experience with infrastructure security deployment, operations, documentation and compliance. Must have ability to support flexible schedule in support of 7x24 operations. Expert level knowledge of installing, deploying, documenting, and troubleshooting network perimeter security technologies such as firewalls, proxy servers, intrusion prevention/detection (IDS/IPS), antivirus, antimalware, anti-spam and unified threat management. Must be well versed in TCP/IP, IPSec, VLANs and networking standards. 2-3 years? experience with enterprise class Cisco routers, switches and security appliances.
Experience with systems hardening, software and hardware security assessment, vulnerability analysis, and cyber risk assessment
Experience in the planning, implementation and maintenance of PCI DSS based controls with the ability to maintain these controls as required to ensure system compliance
Ability to lead standards based risk assessment of operational, administrative and developmental environments
Proven experience in preforming vulnerability assessments of Windows and Linux based operating systems, complex web based applications, ASP.NET, SQL Server, MS RPC, and other common components and platforms
Demonstrated experience leading projects that require strong security architecture, testing, and implementation skills and knowledge
Demonstrated project management experience
Strong leadership, analytical and problem solving skills
Excellent oral and written communication skills
Experience with PCI DSS 2.0, SOX and COBIT
Must provide writing samples
CISSP ? Certified Information Systems Security Professional
CISA - Certified Information Systems Auditor
MCSE+Security ? Microsoft Certified Systems Engineer; Security track
CEH ? Certified Ethical Hacker
SANS, SCNP, CISM - Other security industry certifications
||Beltsville, MD |
THIS JOB HAS EXPIRED