Senior Security Engineer
Company Name:
Arca24.com
Salary period: Annual
Additional classifications: Engineering
Senior Security Engineer
Vocus is a leading provider of public relations software that enables professionals to plan, execute and measure influencer-oriented campaigns in one integrated platform. Communications professionals from over 120,000 corporations, agencies and nonprofits use Vocus to access the world's largest pitchable media and blogger database, distribute press releases, manage influencer outreach, measure social media activities, and analyze the effectiveness of communications campaigns. Vocus is the parent company to PRWeb, Help a Reporter Out (HARO) and iContact. It is headquartered in Beltsville, Maryland with offices in North America and Europe.
For more information call 345-5572 or follow on
Responsibilities:
Systematically examine the organization's information security risks and vulnerabilities, taking account of related threats to determine and communicate the current state of the security controls in-place and a plan to remediate any findings.
Institute and maintain IT security standards, coordinate security assessment services delivery, and provide in-depth consultative analysis on any existing or new security solutions, problems, or issues.
Implement/maintain a coherent and comprehensive standards based suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; adopt an overarching management process to ensure that the controls in-place continue to meet the organization's information security needs and compliancy requirements on an ongoing basis
Provide lead consulting services covering topics such as security management practices, assessment methodology, access controls, vulnerability management, secure development practices, operational security, key management, and cryptography.
Aid in the development, preparation, maintenance and execution of security policies, procedures, risk assessment reports, system security plans, risk mitigation plans, contingency plans, disaster recovery plans, security tests and evaluations and Plans of Action and Milestones.
Conduct regular audits to ensure that systems are being operated securely and in adherence to documented policies and procedures.
Counsel and provide leading technical expertise to root cause investigations of security incidents.
Initiate, facilitate, and promote activities to create ongoing information security awareness within the organization; coordinate and manage the organization's annual Security Awareness Training program.
Communicate in both oral and written form the impact of a security risk to all levels within the organization.
Represent the organization as the information security POC for clients, assisting them with requests for information regarding security standards and implementation within our products and company.
Qualifications: Bachelor's degree with 5-8
years total relevant experience with infrastructure security deployment, operations, documentation and compliance. Must have ability to support flexible schedule in support of 7x24 operations. Expert level knowledge of installing, deploying, documenting, and troubleshooting network perimeter security technologies such as firewalls, proxy servers, intrusion prevention/detection (IDS/IPS), antivirus, antimalware, anti-spam and unified threat management. Must be well versed in TCP/IP, IPSec, VLANs and networking standards. 2-3 years' experience with enterprise class Cisco routers, switches and security appliances.
Experience with systems hardening, software and hardware security assessment, vulnerability analysis, and cyber risk assessment
Experience in the planning, implementation and maintenance of PCI DSS based controls with the ability to maintain these controls as required to ensure system compliance
Ability to lead standards based risk assessment of operational, administrative and developmental environments
Proven experience in preforming vulnerability assessments of Windows and Linux based operating systems, complex web based applications, ASP.NET, SQL Server, MS RPC, and other common components and platforms
Demonstrated experience leading projects that require strong security architecture, testing, and implementation skills and knowledge
Demonstrated project management experience
Strong leadership, analytical and problem solving skills
Excellent oral and written communication skills
Experience with PCI DSS 2.0, SOX and COBIT
Must provide writing samples
Preferred Skills:
CISSP - Certified Information Systems Security Professional
CISA - Certified Information Systems Auditor
MCSE+Security - Microsoft Certified Systems Engineer; Security track
CEH - Certified Ethical Hacker
SANS, SCNP, CISM - Other security industry certifications
Company Perks:
Our state-of-the-art New Urbanist headquarters makes Vocus a truly remarkable place to work.
Access to an ultramodern gym facility with free yoga and fitness classes
Indoor basketball court
Competitive base salary with uncapped commissions
Full benefit package including medical, dental, vision, 401K, and paid time off
Work hard, play hard environment
To learn more about opportunities please visit Follow Vocus Careers on Facebook & on Twitter EEO/AA employer M/F/D/VEstimated Salary: $20 to $28 per hour based on qualifications.
Arca24.com
Salary period: Annual
Additional classifications: Engineering
Senior Security Engineer
Vocus is a leading provider of public relations software that enables professionals to plan, execute and measure influencer-oriented campaigns in one integrated platform. Communications professionals from over 120,000 corporations, agencies and nonprofits use Vocus to access the world's largest pitchable media and blogger database, distribute press releases, manage influencer outreach, measure social media activities, and analyze the effectiveness of communications campaigns. Vocus is the parent company to PRWeb, Help a Reporter Out (HARO) and iContact. It is headquartered in Beltsville, Maryland with offices in North America and Europe.
For more information call 345-5572 or follow on
Responsibilities:
Systematically examine the organization's information security risks and vulnerabilities, taking account of related threats to determine and communicate the current state of the security controls in-place and a plan to remediate any findings.
Institute and maintain IT security standards, coordinate security assessment services delivery, and provide in-depth consultative analysis on any existing or new security solutions, problems, or issues.
Implement/maintain a coherent and comprehensive standards based suite of information security controls and/or other forms of risk treatment (such as risk avoidance or risk transfer) to address those risks that are deemed unacceptable; adopt an overarching management process to ensure that the controls in-place continue to meet the organization's information security needs and compliancy requirements on an ongoing basis
Provide lead consulting services covering topics such as security management practices, assessment methodology, access controls, vulnerability management, secure development practices, operational security, key management, and cryptography.
Aid in the development, preparation, maintenance and execution of security policies, procedures, risk assessment reports, system security plans, risk mitigation plans, contingency plans, disaster recovery plans, security tests and evaluations and Plans of Action and Milestones.
Conduct regular audits to ensure that systems are being operated securely and in adherence to documented policies and procedures.
Counsel and provide leading technical expertise to root cause investigations of security incidents.
Initiate, facilitate, and promote activities to create ongoing information security awareness within the organization; coordinate and manage the organization's annual Security Awareness Training program.
Communicate in both oral and written form the impact of a security risk to all levels within the organization.
Represent the organization as the information security POC for clients, assisting them with requests for information regarding security standards and implementation within our products and company.
Qualifications: Bachelor's degree with 5-8
years total relevant experience with infrastructure security deployment, operations, documentation and compliance. Must have ability to support flexible schedule in support of 7x24 operations. Expert level knowledge of installing, deploying, documenting, and troubleshooting network perimeter security technologies such as firewalls, proxy servers, intrusion prevention/detection (IDS/IPS), antivirus, antimalware, anti-spam and unified threat management. Must be well versed in TCP/IP, IPSec, VLANs and networking standards. 2-3 years' experience with enterprise class Cisco routers, switches and security appliances.
Experience with systems hardening, software and hardware security assessment, vulnerability analysis, and cyber risk assessment
Experience in the planning, implementation and maintenance of PCI DSS based controls with the ability to maintain these controls as required to ensure system compliance
Ability to lead standards based risk assessment of operational, administrative and developmental environments
Proven experience in preforming vulnerability assessments of Windows and Linux based operating systems, complex web based applications, ASP.NET, SQL Server, MS RPC, and other common components and platforms
Demonstrated experience leading projects that require strong security architecture, testing, and implementation skills and knowledge
Demonstrated project management experience
Strong leadership, analytical and problem solving skills
Excellent oral and written communication skills
Experience with PCI DSS 2.0, SOX and COBIT
Must provide writing samples
Preferred Skills:
CISSP - Certified Information Systems Security Professional
CISA - Certified Information Systems Auditor
MCSE+Security - Microsoft Certified Systems Engineer; Security track
CEH - Certified Ethical Hacker
SANS, SCNP, CISM - Other security industry certifications
Company Perks:
Our state-of-the-art New Urbanist headquarters makes Vocus a truly remarkable place to work.
Access to an ultramodern gym facility with free yoga and fitness classes
Indoor basketball court
Competitive base salary with uncapped commissions
Full benefit package including medical, dental, vision, 401K, and paid time off
Work hard, play hard environment
To learn more about opportunities please visit Follow Vocus Careers on Facebook & on Twitter EEO/AA employer M/F/D/VEstimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
