Senior Security Engineer - Site Operations iContact
Vocus (NASDAQ:VOCS) is a leading provider of Public Relations management software. Our software-as-a-service (SAAS) suite helps organizations of all sizes fundamentally change the way they communicate with the media and public by optimizing their public relations initiatives. Clients include the Global 2000, large corporations and associations as well as government agencies.
Role and Responsibilities
Systematically examine the organization's information security risks and vulnerabilities, taking account of related threats to determine and communicate the current state of the security controls in-place and a plan to remediate any findings.
Institute and maintain IT security standards, coordinate security assessment services delivery, and provide in-depth consultative analysis on any existing or new security solutions, problems, or issues.
Implement/maintain a coherent and comprehensive standards based suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; adopt an overarching management process to ensure that the controls in-place continue to meet the organization's information security needs and compliancy requirements on an ongoing basis
Provide lead consulting services covering topics such as security management practices, assessment methodology, access controls, vulnerability management, secure development practices, operational security, key management, and cryptography.
Aid in the development, preparation, maintenance and execution of security policies, procedures, risk assessment reports, system security plans, risk mitigation plans, contingency plans, disaster recovery plans, security tests and evaluations and Plans of Action and Milestones.
Conduct regular audits to ensure that systems are being operated securely and in adherence to documented policies and procedures.?
Counsel and provide leading technical expertise to root cause investigations of security incidents.
Initiate, facilitate, and promote activities to create ongoing information security awareness within the organization; coordinate and manage the organization?s annual Security Awareness Training program.
Communicate in both oral and written form the impact of a security risk to all levels within the organization.
Represent the organization as the information security POC for clients, assisting them with requests for information regarding security standards and implementation within our products and company.
Qualifications and Education Requirements
Bachelor?s degree with 5-8+ years total relevant experience with infrastructure security deployment, operations, documentation and compliance
Must have ability to support flexible schedule in support of 7x24 operations
Expert level knowledge of installing, deploying, documenting, and troubleshooting network perimeter security technologies such as firewalls, proxy servers, intrusion prevention/detection (IDS/IPS), antivirus, antimalware, anti-spam and unified threat management
Must be well versed in TCP/IP, IPSec, VLANs and networking standards
2-3 years? experience with enterprise class Cisco routers, switches and security appliances.
Experience with systems hardening, software and hardware security assessment, vulnerability analysis, and cyber risk assessment
Experience in the planning, implementation and maintenance of PCI DSS based controls with the ability to maintain these controls as required to ensure system compliance
Ability to lead standards based risk assessment of operational, administrative and developmental environments
Proven experience in preforming vulnerability assessments of Windows and Linux based operating systems, complex web based applications, ASP.NET, SQL Server, MS RPC, and other common components and platforms
Demonstrated experience leading projects that require strong security architecture, testing, and implementation skills and knowledge
Demonstrated project management experience
Strong leadership, analytical and problem solving skills
Excellent oral and written communication skills
Experience with PCI DSS 2.0, SOX and COBIT
Must provide writing samples
||Beltsville, MD |