Information Security Engineer
Company Name:
Monte World Wide Staffing
Information Security Engineer Sr.
Job Location : Goodlettsville, TN
________________________________________
Job Description : Are you ready for an exciting career move? We''re a fast moving $17.5 billion, Fortune 200 publicly-traded company with more than 11,000 stores and 12 distribution centers in 40 states, growing by hundreds of stores each year. We work in an energetic team atmosphere that leverages each persons strengths and maximizes potential. We are committed to attracting upbeat, talented, and motivated people who can advance our mission of Serving Others.
The Information Security Engineer Sr., while reporting to the IT Security Sr. Manager, is responsible for working with the information security management team to administer the Companys information security programs, maintains Sarbanes-Oxley, HIPAA, and PCI DSS compliance programs, and designing, implementing, supporting a variety of systems and applications. The Sr. Engineer will also lead a variety of projects while also being responsible, both independently and as a team member, recommending, designing, implementing, administering, etc. pragmatic information security controls that meet dynamic tactical and strategic information security objectives.
Duties and Responsibilities
Designs, implements, administers, and supports multiple information security platforms, systems, and applications. Supports a variety of technologies in a hands-on manner.
Performs internal security risk assessments, security risk assessments of third party business partners, and detailed security risk assessments of various technologies. (Examples include directory services, database platforms, client and server operating systems, programming languages, web services, firewalls, remote access technologies, messaging platforms, encryption solutions, wireless technologies, internally-hosted applications, externally-hosted applications, and cloud services).
Maintains knowledge of current and emerging security, compliance, and technical developments. Identifies current and potential future vulnerabilities and collaborates with appropriate leaders to identify, recommend, and develop risk remediation plans, ad to track remediation outcomes and timelines.
Supports defined Company operating principles via effective, pragmatic information security controls. Analyzes, defines, implements, and administers efficient business processes related to information security programs. Represents the information security function through pragmatic consultation and participation in a defined SDLC.
Works with the information security management team to administer, maintain, and continuously improve SOX, HIPAA, PCI DSS, and internal controls compliance programs, investigate known or suspected security incidents, support internal and external audits, and assist in the development of appropriate audit response Management Action Plans.
Uses project management best practices to initiate, manage, and close projects, often simultaneously across a variety of projects. Creates and maintains a variety of documents related to projects and information security.
Mentor and cross-train junior department team members lead meetings build and maintain strong partnerships with multiple departments coordinate vendor support engagements etc.
Promotes security best practices via awareness, example, and compliance with policies and regulatory requirements.
Knowledge, Skills, and Abilities
Familiar with and ability to apply time-proven, generally-accepted security management methodologies, concepts and techniques.
Strong understanding of current and developing information security technologies and trends.
Strong, effective written and oral communication skills that enables effective communications to multiple audiences.
Strong internal (security recommendations) and external (vendor support) negotiation skills.
Strong understanding of pragmatic implementation of information security controls, holistic defense-in-depth strategies, protocols used to interconnect networks, and publish application resources.
Strong understanding of PCI, HIPAA, and SOC regulatory requirements.
Development/analysis proficiency in one or more scripting languages.
Development/analysis proficiency in TSQL.
Ability to learn and retain new skills required to adapt to evolving business and technical environments.
Ability to influence and motivate others.
Ability to occasionally work during non-standard shifts and in an on-call capacity and be available for occasional travel (up to 25%).
Work Experience and/or Education
College degree or equivalent experience in information security or computer information systems.
Minimum six years of information security generalist experience (broad and deep in data, application, system, and network security domains) with complex technical initiatives.
Active CISSP, CISA, or CISM certification.
Hands-on SME/lead experience with the design, implementation, and administration of at least 5 of the following technologies: Palo Alto Networks, IBM Tivoli Endpoint Manager (BigFix), IBM QRadar (SIEM), Qualys Vulnerability Scanning Solutions, Tenable Nessus, Juniper SSL VPN GlobalScape EFT Server Symantec Data Loss Prevention (Vontu), RSA SecurID, and CyberArk Password Management.
Experience identifying and addressing security risks associated with host and network operating systems (e.g. Windows, Linux, AIX, AS400, PAN OS, Cisco IOS, etc.) enterprise services (e.g. directory services, email, content management and collaboration, web publishing, database, virtualization, etc.) client-server, thin-client, and web-based applications enterprise applications (e.g. Lawson) cloud services (e.g. SaaS, IaaS, etc.) data storage, etc.
Our Benefits Package
Health, dental, vision and life insurance
Long term disability
Accidental Death and Dismemberment insurance
Company matched 401(k)
Paid vacation
On site child care, ATM, cafeteria and fitness facility
Fun, values centered work atmosphere
Corporate casual dress
Relocation Assistance
Candidate Must Have : Minimum six years of information security generalist experience (broad and deep in data, application, system, and network security domains) with complex technical initiatives.,Active CISSP, CISA, or CISM certification.,Hands-on SME/lead experience with the design, implementation, and administration of at least 5 of the following technologies: Palo Alto Networks, IBM Tivoli Endpoint Manager (BigFix), IBM QRadar (SIEM), Qualys Vulnerability Scanning Solutions, Tenable Nessus, Juniper SSL VPN GlobalScape EFT Server Symantec Data Loss Prevention (Vontu), RSA SecurID, and CyberArk Password Management.,Experience identifying and addressing security risks associated with host and network operating systems (e.g. Windows, Linux, AIX, AS400, PAN OS, Cisco IOS, etc.) enterprise services (e.g. directory services, email, content management and collaboration, web publishing, database, virtualization, etc.) client-server, thin-client, and web-based applications enterprise applications (e.g. Lawson)
Additional Information : N/AEstimated Salary: $20 to $28 per hour based on qualifications.
Monte World Wide Staffing
Information Security Engineer Sr.
Job Location : Goodlettsville, TN
________________________________________
Job Description : Are you ready for an exciting career move? We''re a fast moving $17.5 billion, Fortune 200 publicly-traded company with more than 11,000 stores and 12 distribution centers in 40 states, growing by hundreds of stores each year. We work in an energetic team atmosphere that leverages each persons strengths and maximizes potential. We are committed to attracting upbeat, talented, and motivated people who can advance our mission of Serving Others.
The Information Security Engineer Sr., while reporting to the IT Security Sr. Manager, is responsible for working with the information security management team to administer the Companys information security programs, maintains Sarbanes-Oxley, HIPAA, and PCI DSS compliance programs, and designing, implementing, supporting a variety of systems and applications. The Sr. Engineer will also lead a variety of projects while also being responsible, both independently and as a team member, recommending, designing, implementing, administering, etc. pragmatic information security controls that meet dynamic tactical and strategic information security objectives.
Duties and Responsibilities
Designs, implements, administers, and supports multiple information security platforms, systems, and applications. Supports a variety of technologies in a hands-on manner.
Performs internal security risk assessments, security risk assessments of third party business partners, and detailed security risk assessments of various technologies. (Examples include directory services, database platforms, client and server operating systems, programming languages, web services, firewalls, remote access technologies, messaging platforms, encryption solutions, wireless technologies, internally-hosted applications, externally-hosted applications, and cloud services).
Maintains knowledge of current and emerging security, compliance, and technical developments. Identifies current and potential future vulnerabilities and collaborates with appropriate leaders to identify, recommend, and develop risk remediation plans, ad to track remediation outcomes and timelines.
Supports defined Company operating principles via effective, pragmatic information security controls. Analyzes, defines, implements, and administers efficient business processes related to information security programs. Represents the information security function through pragmatic consultation and participation in a defined SDLC.
Works with the information security management team to administer, maintain, and continuously improve SOX, HIPAA, PCI DSS, and internal controls compliance programs, investigate known or suspected security incidents, support internal and external audits, and assist in the development of appropriate audit response Management Action Plans.
Uses project management best practices to initiate, manage, and close projects, often simultaneously across a variety of projects. Creates and maintains a variety of documents related to projects and information security.
Mentor and cross-train junior department team members lead meetings build and maintain strong partnerships with multiple departments coordinate vendor support engagements etc.
Promotes security best practices via awareness, example, and compliance with policies and regulatory requirements.
Knowledge, Skills, and Abilities
Familiar with and ability to apply time-proven, generally-accepted security management methodologies, concepts and techniques.
Strong understanding of current and developing information security technologies and trends.
Strong, effective written and oral communication skills that enables effective communications to multiple audiences.
Strong internal (security recommendations) and external (vendor support) negotiation skills.
Strong understanding of pragmatic implementation of information security controls, holistic defense-in-depth strategies, protocols used to interconnect networks, and publish application resources.
Strong understanding of PCI, HIPAA, and SOC regulatory requirements.
Development/analysis proficiency in one or more scripting languages.
Development/analysis proficiency in TSQL.
Ability to learn and retain new skills required to adapt to evolving business and technical environments.
Ability to influence and motivate others.
Ability to occasionally work during non-standard shifts and in an on-call capacity and be available for occasional travel (up to 25%).
Work Experience and/or Education
College degree or equivalent experience in information security or computer information systems.
Minimum six years of information security generalist experience (broad and deep in data, application, system, and network security domains) with complex technical initiatives.
Active CISSP, CISA, or CISM certification.
Hands-on SME/lead experience with the design, implementation, and administration of at least 5 of the following technologies: Palo Alto Networks, IBM Tivoli Endpoint Manager (BigFix), IBM QRadar (SIEM), Qualys Vulnerability Scanning Solutions, Tenable Nessus, Juniper SSL VPN GlobalScape EFT Server Symantec Data Loss Prevention (Vontu), RSA SecurID, and CyberArk Password Management.
Experience identifying and addressing security risks associated with host and network operating systems (e.g. Windows, Linux, AIX, AS400, PAN OS, Cisco IOS, etc.) enterprise services (e.g. directory services, email, content management and collaboration, web publishing, database, virtualization, etc.) client-server, thin-client, and web-based applications enterprise applications (e.g. Lawson) cloud services (e.g. SaaS, IaaS, etc.) data storage, etc.
Our Benefits Package
Health, dental, vision and life insurance
Long term disability
Accidental Death and Dismemberment insurance
Company matched 401(k)
Paid vacation
On site child care, ATM, cafeteria and fitness facility
Fun, values centered work atmosphere
Corporate casual dress
Relocation Assistance
Candidate Must Have : Minimum six years of information security generalist experience (broad and deep in data, application, system, and network security domains) with complex technical initiatives.,Active CISSP, CISA, or CISM certification.,Hands-on SME/lead experience with the design, implementation, and administration of at least 5 of the following technologies: Palo Alto Networks, IBM Tivoli Endpoint Manager (BigFix), IBM QRadar (SIEM), Qualys Vulnerability Scanning Solutions, Tenable Nessus, Juniper SSL VPN GlobalScape EFT Server Symantec Data Loss Prevention (Vontu), RSA SecurID, and CyberArk Password Management.,Experience identifying and addressing security risks associated with host and network operating systems (e.g. Windows, Linux, AIX, AS400, PAN OS, Cisco IOS, etc.) enterprise services (e.g. directory services, email, content management and collaboration, web publishing, database, virtualization, etc.) client-server, thin-client, and web-based applications enterprise applications (e.g. Lawson)
Additional Information : N/AEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
