Sr Information Security Engineer Demand Media
THIS JOB HAS EXPIRED
Sr Information Security Engineer
IT | Kirkland, WA, United States
- Architect, install, manage and troubleshoot technical security controls such as Firewalls, Intrusion Detection Systems, Security Information Event Monitoring systems, vulnerability scanners, Malware solutions, Anti-Virus, Authentication systems, Virtual Private Networks, File Integrity Monitors, and/or other network security devices.
- Research, evaluate, test, recommend, communicate and implements new security software or devices. Present written findings and recommendations as necessary.
- Maintain on call duties / schedule as required for Investigation and Incident Response and as directed by the Director of Information Security.
- Perform continual vulnerability, threat and risk assessments on all application environments using both automated analysis tools and manual procedures.
- Continually research new threat vectors, vulnerabilities, exploits, etc., determine how they apply to Demand Media, design and document proposed risk treatment controls.
- Make all reasonable efforts to safeguard the network against unauthorized infiltration, modification, destruction, or disclosure.
- Analyze risk of existing network and system architectures and their security policies, document risks and propose risk treatment plans.
- Evaluate operating practices and component level diagrams to determine if controls and security measures are adequate.
- Participate in enhancing the Information Security Program by developing new and / or proposing updates to technical control standards supporting the various Demand Media platforms and environments.
- Assist software engineers with implementing best secure code development practices, vulnerability testing in development and testing as well as in production.
- Continually review Information Security system logs and monitoring tools for potential incidents.
- Act as a resource and provide innovative solutions by investigating, analyzing, and resolving highly complex security-related questions and problems.
- Provide technical security support to the Network Engineering, Systems Engineering, Network Operations Center and Corporate IT teams.
- Independently lead projects, coordinate efforts with all team members, ensure proper communication to management as well as the overall success of the project through to completion.
- Communicate to cross-functional teams the importance of Information Security
- Promote collaboration, cooperation, communication and teamwork within the Information Security team and project counterparts outside of the Information Security Team.
- Attend training courses and conferences as required to manage security controls and sustain continued education.
- Foster and maintain amicable relationships with security vendors and partnerships.
- Travel, as needed, between Demand offices.
- Applicable BS/BA degree (or equivalent work experience)
- Minimum of 10 years of related work experience implementing network infrastructure and at least 6 years focused on operational security
- Expert-level knowledge and experience managing network and security devices such as; firewalls, IDS / IPS, SIEM's, AV, Malware devices, VPN's, vulnerability scanning tools, etc.
- Expert knowledge of network technologies and protocols
- Extensive investigation and incident response experience analyzing networking technology including TCP/IP, Routers, Switching, VLANs, LANs, WANs and Wireless systems, Windows and Linux servers.
- Familiarity with network architectures and technologies, Windows Active Directory, Windows-Linux server, desktop operating systems, database and application architecture, etc. (Expertise in either Window's or Linux helpful)
- Must have IT Security auditing experience throughout work history conducting device configuration and security policy reviews, penetration testing, vulnerability assessments including web application vulnerabilities, network architecture assessments, system security assessments, general security posture and risk assessments, etc.
- Must have experience with SOX and PCI compliance control frameworks (ISO 27001, COBIT, Safe Harbor, Privacy and Breach and Disclosure law favorable)
- Ability to think through complex problems, determine proper analytical processes and procedures, independently derive conclusions and present results to management.
- Must be highly motivated with a strong work ethic and able to work effectively under minimal supervision.
- Must be team-oriented, placing priority on the successful completion of team goals.
- Outstanding written / technical writing skills and oral communication skills are required.
- Project management skills including requirements analysis, project scoping, problem solving, status reporting, technical analysis, and meeting tight deadlines.
- Proficiency with Microsoft Office Suite and Visio required.
- Must pass background check
We are an equal opportunity Employer M/F.
- CISSP, CISA, or other industry certifications
- Professional memberships with ISACA, ISSA, IRCA
- Domain registry or registrar experience preferred
<< Back to Current Openings
THIS JOB HAS EXPIRED