Information Security Engineer
GENERAL DUTIES & RESPONSIBILITIES:
- Define processes and supporting technology to assist the security infrastructure team to actively monitor for threats and vulnerabilities. Proactively identify threats before they impact the organization. Integrate continuous threat intelligence into our SEM tools and processes.
- Enhance and integrate security solutions to automate the detection-to-remediation activities (e.g., Security Event Management optimization and integration with ticketing system).
- Automate vulnerability scanning and integrate into the ticketing system. Consistently measure the output from the scanning process and ensure that remediation SLAs are established and met.
- Provide leadership to the engineering and operations team that is responsible for the care and feeding of many of the security technologies employed at client (e.g., Security Event Management, Vulnerability Management, and Malicious Program Detection & Prevention).
- Work closely with Security Architecture to develop the processes and technologies to prevent and detect malicious software in the environment.
- Build repeatable and sustainable penetration testing processes. Establish a framework to drive ongoing security assessment plans.
- Manage security-related incidents in the corporate environment that were not mitigated through 1st tier operational activities. Provide oversight to the identification, containment and remediation of a security incident.
- Lead investigative activities that involve electronic data. Work closely with other risk management functions, legal and HR to support corporate investigations. Ensure that forensic evidence is preserved and can be used for legal proceedings if necessary.
- Work closely with the Security Compliance & Controls function to align client's processes and controls with the compliance requirements facing Supervalu systems and data.
- Build and enforce security hardening standards.
- Implement preventative and detective controls to mitigate the risk of denial-of-service attacks.
- A Bachelor's or Master's degree in Business, Computer Science or Information Systems or the equivalent combination of education, training, or work experience.
GENERAL KNOWLEDGE, SKILLS & ABILITIES:
- Bachelor's degree in Computer Science, Information Technology or related field required.
- Minimum of 9 years of information security experience with a heavy technical focus and with 7 years of progressively increasing responsibility.
- Minimum of 5 years in a leadership position with solid people development experience.
- CISSP or SANS - GIAC certification preferred.
- Implementation of technical security architectures within a large enterprise environment is preferred.
- Experience in implementing and managing core security systems and processes such as:
  - Security Event Management (e.g., Security Analytics)
  - Vulnerability Management (e.g., enterprise vulnerability scanners, static/dynamic code)
  - Endpoint security technologies (e.g., anti-virus, HIPS)
  - Advanced malware (e.g., Cisco AMP)
  - Forensic toolsets
  - Firewalls, VPNs and Proxies
  - Web application firewalls