Top 3 Skills: Third party software reviews, Google Cloud, Security by Design principles

Responsibilities:

• Invite collaboration with both technical and business stakeholders advising on our security standards, policies and industry trends to help the business and customers succeed.

• Develop relationships to share knowledge and influence security objectives while being inclusive to all stake holders.

• Improve and maintain security services, focused on review efficiency, standards definition, and change management correctness.

• Maintain operational security posture through incident management, vulnerability management, key management, identity and access management, etc.

• Respond to security incidents, manage the process and escalate as required.

• Perform various security service functions including internal vulnerability scans, user access review, configuration and hardening validation and automation of many of these tasks within our SIEM.

• Document risk and mitigation controls, including policy/procedure updates.

• Participate in audits and assessments and provide support, as appropriate.

• Analyze established operational security controls and procedures and recommend improvements.

• Evaluate appropriate tools for supporting the security operations function.

• Participate in security on-call rotation.

Preference will be given to candidates with working experience in the following:

• Extensive Linux administration and troubleshooting experience.

• Extensive Network technology administration and troubleshooting experience.

• Low level PKI management and troubleshooting.

• Cyber Ark PIM.

• HSM for example Luna 7 or related appliances.

• KeySecure NAE,KMIP and related services.

• Splunk and Rsyslog filtering.

• Hashicorp Vault as it pertains to secret and PKI management.

• SIEMs like Qradar/Splunk ES/LogRhythm or related technologies

What you bring:

• Bachelor's Degree or equivalent experience/certification

• Windows and Linux/UNIX administration experience

• Solid understanding and troubleshooting is the ISO layer protocols.

• Working understanding of cryptography.

• Excellent verbal and written communication skills.

• Experience working in a PCI DSS, SOC or HIPPA environment

• Knowledge of all security domains including hardware security modules, single-sign on, and identity management.

• Preference will be given to candidates with the following certifications: CISSP, CCSP, CSSLP, OSCP, CISM etc.