• Partnering with peer security organizations
• Supporting the security risk team to mitigate risks
• Assisting with the alignment of security standards with the Security Advisory team
• Maintaining all critical business operations
• Addressing tickets promptly and working on program initiatives
• Partnering with CSOC to develop new monitoring rules to gain additional logging on endpoints for analysis
• Provide management, operational support, and documentation related to any of OTS’s tooling and applications that support Workday
• Develop and refine metrics to improve internal processes
• Firewall management including annual policy review and approving planned and ad-hoc rule changes, review and approve IPS/IDS policy rules
• Contributor to security infrastructure design and engineering, new/replacement firewalls
• Initiate high-risk level changes and recommend solutions to minimize and/or prevent system interruption
• Supporting the Security Operations Centre (SOC) monitor systems for irregular behaviour and set up preventative operational tasks through automation and technical efficiencies
• Configure, troubleshoot, and maintain security infrastructure software and hardware
• Ensures compliance with internal audit requirements and security policies and standards
• Vulnerability management including asset scans, monitoring and mapping
• SIEM alert management including identifying log parsing errors, advising on remediation activities, reviewing/action of alerts and collaborating on alert optimization
• Support real-time security monitoring of operations
• Email and Endpoint alert and management, including investigating/responding to alerts, system monitoring and contributing towards continuous improvements and upgrades
• Identify, assess, and respond to security alerts and indicators of compromise

Skills: Firewall Management, SIEM Monitoring, Vulnerability Assessment, Endpoint Security, Security Automation, Incident Response, Tooling Support, Risk Mitigation

• Evaluate, deploy, and operate a variety of information security systems
• Identify, advise and make recommendations regarding the implementation of security controls and architectures
• Understand complex technical issues and manage them within a fast-paced business environment
• Responsible for implementing processes and procedures to achieve and maintain internal and external compliance (e.g., HIPAA, SOC and ISO 27001) and other regulations including methods for ongoing monitoring of compliance status
• Identify current and emerging technology issues, including security trends, vulnerabilities and threats
• Conduct proactive research to analyse security weaknesses and recommend appropriate strategies
• Establish technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
• Analyze, escalate and assist in the remediation of information security incidents
• Manage and configure tools to monitor activity on networks, cloud platforms, and systems
• Monitor, evaluate, and action alerts from security systems
• Assess technical controls and identify areas of improvement
• Analyze reports and raw data to identify unusual or anomalous behavior
• Work, coordinate, and collaborate with a globally distributed team
• Assist in maintaining standard operating procedures
• Assess risk associated with information systems and cloud platforms
• Evaluate and apply threat intelligence
• Implement best practices and standards in information security, cloud operations, and systems provisioning

Skills: Security Operations, Threat Analysis, Incident Response, Compliance Monitoring, Risk Assessment, Cloud Security, Security Automation, Tool Management

• Manage firewall, intrusion detection and prevention systems
• Manage vulnerability scanning and remediation plans
• Protect information systems against unauthorized access
• Configure log aggregation and review logs for security events
• Install, configure, and manage network security software
• Review system configurations and advise on security best practices
• Monitor network activity to identify issues early and communicate them to IT teams
• Act on security breaches and malware threats
• Serve as a security expert and conduct training
• Support the creation and maintenance of security policies and procedures
• Conduct internal and external security audits
• Monitor and respond to emerging threats and ongoing best practices changes

Skills: Firewall Management, Intrusion Prevention, Vulnerability Remediation, Log Analysis, Network Monitoring, Malware Response, Security Auditing, Policy Development

• Assist in engineering security solutions for the organization
• Oversee and administer security tools to ensure compliance with organizational policies and procedures as they pertain to Information Security, systems hardening, software patching and fixes
• Work with system design architects and project managers to provide security requirements and confirm their integration within the phases of the SDLC
• Work closely with the security compliance team
• Researches, identifies, recommends and deploys solutions and data security applications that may strengthen or improve the overall security posture of PennyMac
• Interact with the associate population to address security incidents and answer questions concerning security policy and operations
• Ideate and implement new solutions to support platform growth and changes
• Shape and develop technology security solutions and policies
• Manage identity, access management, and security monitoring tooling
• Manage security scanning, monitoring and configuration management infrastructure
• Perform security forensics, advanced troubleshooting, and investigations
• Work closely with product management, operations, and the software development team
• Identify, track, and drive the mitigation of security risks
• Perform security reviews for designs and changes, vendor audits and support third-party audits

Skills: Security Engineering, Access Management, Security Compliance, Risk Mitigation, Tool Administration, SDLC Security, Forensic Investigation, Configuration Management

• Contributes to the planning, design and implementation of the Information Security programs and strategies that provide oversight and direction to the DNR
• Contributes functional expertise in the following functional areas: system access, network security, security governance/management practices, application and system development, security architecture, business continuity and disaster recovery planning
• Work with information security professionals, application architects and developers, and application business owners
• Ensure business applications are architected, designed, and built according to enterprise security standards and guidelines
• Act as a security project consultant for all DNR’s technology projects
• Hands-on 3rd line support
• Work closely with various internal partners to review and embed security technologies in line with the corporate program
• Collaborate with corporate and operating company information security teams to assist in the support and implementation of technology as well as to maintain clear lines of communication
• Lead large, complex projects and manage resources optimally
• Provide timely updates to management teams regarding projects currently in progress
• Perform security analysis and provide metrics and reporting
• Assist in formulating security architecture recommendations and the design of in-scope security services
• Ensure alignment with practices in accordance with industry standards and corporate policies and procedures
• Ensures compliance with all audit requirements including change control procedures and data security

Skills: Security Architecture, Network Security, Security Governance, Risk Analysis, Project Leadership, Compliance Monitoring, Access Control, Disaster Recovery

• Build tools to help understand and improve the security posture of the open source software
• Work with external partners and the open source community
• Find security vulnerabilities in open source software
• Advocate for security and secure practices throughout Google, and be involved in offensive security exercises
• Working in a team to identify and implement an optimal technical solution to meet customer requirements
• Promoting and enhancing the quality of solutions through the life cycle of solutions
• Participating in transforming, searching and resolving problems based on big data
• Writing and maintenance of product documentation related to the assigned product modules
• Providing customer support
• Manage and execute the threat intelligence program
• Maintain and enforce information security standards
• Ensure day-to-day operational tasks are performed and security metrics are relevant and current
• Conduct risk assessments and present findings to senior leadership
• Execute and improve incident response processes
• Support business units by providing information security expertise
• Lead data loss prevention efforts across the organization
• Coordinate vulnerability and patch management programs across the organization
• Conduct information security awareness campaigns

Skills: Open Source, Threat Intel, Vulnerability Detection, Incident Response, Risk Analysis, Data Loss Prevention, Security Standards, Support Ops

• Provide enterprise risk and threat communication efforts to key groups and the enterprise regarding potential threats and remediation efforts
• Develop blog posts with effective analysis and actionable intelligence based on relevant security events
• Providing a checklist, guidelines and implementation for security polices for proxy servers and investigation of security incidents related to proxy browsing
• Maintain an awareness of bank security policies and government regulations about information security
• Create and deliver information security presentations and reports to internal support teams, LOBs s and leadership
• Develop and maintain operational documentation and procedures
• Participates in the research, analysis, design, testing and implementation of medium to complex computer network security/protection technologies for company information and network systems/applications
• Assists customers in identifying security solutions for the company's networks and virtual private networks, application systems, key public infrastructures, authentication and directory services to ensure the security of the network and confidential data
• Assists senior-level engineers with periodic vulnerability scans of networks to identify security vulnerabilities
• Conducts security risk assessments to ensure compliance with corporate security policies and adherence to best practices
• Assists in computer security incident response activities and the technical investigations of security-related incidents

Skills: Threat Communication, Security Reporting, Proxy Security, Policy Compliance, Risk Assessment, Incident Support, Network Protection, Vulnerability Scanning

• Implement security policies, standards, guidelines and procedures
• Conduct monitoring and review activities of systems to ensure compliance and mitigate organizational risk
• Analyze actionable intelligence regarding current threats
• Develop and implement situational appropriate solutions and procedures associated with specific threats based on current controls and residual risk
• Analyze security assessments, testing, audits and monitoring of security programs to identify opportunities for efficient, applicable and seamless security controls
• Maintains and monitors existing security infrastructure, evaluates emerging technology and implements new systems
• Maintain the confidentiality, integrity and availability of information assets while maintaining respective operational and process documentation
• Contributes to the improvement and standardization of security administration
• Assists in system design to ensure appropriate controls are identified
• Analyzes and evaluates security alerts and reports

Skills: Security Policies, Threat Analysis, Risk Mitigation, Compliance Monitoring, Security Controls, System Design, Infrastructure Management, Alert Evaluation

• Remains current with protocols, routing/subnetting, latest encryption standards and authentication methods
• Provides technical security support to all employees and teams within the Association
• Serve as a resource on multiple cross-functional teams
• Assists in incident response management
• Implements related processes and standards associated with business resumption, business continuity, and disaster recovery plans
• Secures security posture deficiencies through education, technology and/or process changes
• Develops and delivers security awareness training to the Associations
• Monitors information security alerting systems and immediately makes notification of significant security events that could impact the Association
• Maintain current professional knowledge on evolving information security issues through self-study, company-sponsored training, and outside training/educational opportunities

Skills: Network Security, Incident Response, Disaster Recovery, Security Training, Alert Monitoring, Cross-Team Support, Process Improvement, Threat Awareness

• Perform reverse engineering, technical security assessments, code audits and design reviews of third-party Android applications and libraries
• Advocate for security and secure practices throughout the Google Play ecosystem
• Research to identify new attack vectors against Android applications
• Work with other team members to improve Android Security and Privacy's knowledge of app vulnerabilities and propose methods to detect and mitigate new types of application flaws
• Document and provide training for operational analysts on how to identify particular types of app vulnerabilities
• Responsible for maintaining various network security tools within the Caris environment including Identity and Access Governance applications, Email Security Appliances, Anti-Virus management software, Intrusion Protection Systems, and more
• Ensure the confidentiality and integrity of the information being accessed
• Report any suspected information security violation or breach, and
• Complete all periodic mandatory security trainings in accordance with Mastercard’s guidelines
• Support the Information Security Team (3-4 fte) in e.g., the roll-out and embedding of the information security improvement plan
• Liaise with security solution vendors, assess their offering, negotiate terms and conditions, deploy their solutions and onboard them in Rituals’ day-to-day operations
• Manage and expand the existing security solutions portfolio, which is mainly based around Microsoft security solutions (e.g. Defender, Sentinel)
• Responsible for designing and embedding security policies and procedures in daily operations

Skills: App Security, Code Auditing, Vulnerability Research, Reverse Engineering, Security Training, Tool Management, Policy Implementation, Vendor Assessment

• Provide analytical and technical security recommendations to other team members, oversight boards, and clients
• Identify requirements, based on needs or resulting from a security issue that puts the organization’s systems at risk
• Perform network penetration, web application testing, source code reviews, threat analysis, wireless network assessments, and social engineering assessments
• Meet with clients and management to help specify and negotiate application security requirements
• Review current policies and procedures for applicability
• Maintain system OS security patch levels, and ensure the safe transition of applications to production
• Develop technology to automate security monitoring
• Recommend effective security configurations and architecture to active members in technical work groups
• Liaise with the Enterprise Architect, Network Engineering, and Enterprise Management Teams to effectively communicate and architect security solutions
• Develop documentation to support ongoing security systems operations, maintenance, and specific problem resolution
• Work and coordinate with traditional information security teams to share ideas to maintain proper company-wide security standardization
• Provide risk analysis for product features and architecture decisions

Skills: Security Consulting, Penetration Testing, Threat Analysis, Code Review, Policy Evaluation, Patch Management, Security Architecture, Risk Analysis

• Build InfoSec program and partner with vendors, internal IT and DevOps teams, and business stakeholders
• Participate in creating a risk-based approach to develop a strategic roadmap to prioritize efforts, including DevOps/AppSec, Network Security, Identity Access Management, Endpoint Protection, Logging, and Detection and Response
• Build/deploy/maintain security controls, instrumentation and detection infrastructure
• Conduct security risk assessments, penetration testing, monitor security vulnerabilities and threats
• Automate the investigation and remediation of security events
• Conduct in-depth research on attacker profiles and infrastructure to better predict and prevent future attacks
• Establish appropriate standards, direct implementation, identify and respond to information and security-related incidents
• Oversee the creation of the SOC, SIEM and Vulnerability Management technology roadmap(s)
• Develop incident run books and performance measures / key indicators
• Create and define SLA response time for incidents and services
• Create a logging pipeline for the automated review of risk factors and automated mitigation steps 
• Manage and review DFINITY’s Endpoint Protection posture to ensure enabled to detect, contain, and mitigate any Zero Days, APTs, Malware or data loss
• Partner with DevOps to implement a secure code repository and review process
• Ensure the security of secrets and keys
• Implement 3rd party reviews to ensure product security, including red teams and bug bounties

Skills: AppSec DevOps, Network Security, Access Management, Endpoint Protection, Threat Detection, Risk Assessment, Incident Automation, SIEM Roadmap

• Provide expertise and technical leadership while collaborating with security, compliance, product managers, and developers to improve the security of applications, software code, and infrastructure
• Develop and manage security policies, procedures, standards, and best practices
• Evaluate implementation of technical controls for efficacy and compliance with established policy and best practices
• Monitor networks for security breaches and investigate a violation when one occurs
• Report on security breaches and the extent of the damage caused by the breaches
• Conduct tests and scans of technical infrastructure and systems to identify technical vulnerabilities
• Research the latest information technology (IT) security trends
• Recommend security enhancements to management or senior IT staff
• Respond to information security, privacy, and compliance inquiries
• Participate in the certification process for security and privacy-related regulations or standards
• Assist with communication and awareness efforts with internal audiences as they relate to security and privacy
• Collaborate with contractors, assisting with the execution of any related work efforts

Skills: Security Leadership, Policy Development, Compliance Review, Breach Investigation, Vulnerability Scanning, Security Reporting, Privacy Support, Risk Mitigation

• Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions
• Handles vulnerability management and threat assessment processes 
• Monitoring for security vulnerabilities
• Identifying new security threats
• Managing remediation and the management and configuration of the vulnerability management infrastructure (Nessus Security Center)
• Provides backup support for the Data Loss Prevention (DLP) system and other security technology 
• Handles security-related tickets, like events and exceptions
• Escalates to senior people on the team 
• Monitors for Information Technology security incidents
• Provides appropriate response and escalation to management
• Evaluates the security of new technology products and upgrades to existing technology products before implementation
• Monitors end-user compliance with security policies and procedures
• Keeps abreast of developments in Information Security
• Partners with other Information Technology staff and users to resolve security issues and problems

Skills: Threat Assessment, Vulnerability Management, DLP Support, Incident Monitoring, Ticket Handling, Security Evaluation, Policy Compliance, Issue Escalation

• Implementation and tuning of policies for systems such as IDS/IPS, SIEM, DLP and AI tools
• Works with the rest of the team in determining the proper systems and tools to protect company resources
• Reviews security event logs and alerts from security systems and tools such as firewall, IDS/IPS, DLP, SIEM and syslog
• Analyses, documents and escalates security incidents per policy
• Create new ways to solve existing production security issues
• Perform vulnerability testing, risk analyses and security assessments
• Investigate intrusion incidents, conduct forensic investigations and mount incident responses
• Collaborate with colleagues on authentication, authorization and encryption solutions
• Evaluate new technologies and processes that enhance security capabilities
• Test security solutions using industry-standard analysis criteria
• Deliver technical and formal reports on test findings
• Respond to information security issues during each stage of a project’s lifecycle
• Supervise changes in software, hardware, facilities, telecommunications and user needs
• Analyse and advise on new security technologies and program conformance
• Recommend modifications in legal, technical and regulatory areas that affect IT security

Skills: Policy Tuning, SIEM Analysis, Incident Response, Vulnerability Testing, Forensic Investigation, Security Assessment, Tech Evaluation, Encryption Solutions

• Be part of the Application Security Engineering team, architecting, designing, and implementing secure solutions for eBay
• Build Application Security Solutions to secure eBay Applications and Frameworks
• Implement security solutions like security headers, Bot solutions and DevSecOps solutions
• Integrate these solutions into eBay’s platforms and frameworks
• Reduce risk of supply chain attacks to the application through Phishing, Malware and Open-Source Security attacks by implementing secure solutions
• Automate Application security processes and controls in the Secure Development lifecycle
• Own processes for continuously fine-tuning security rules and processes for efficient detection and mitigation
• Conduct Application Security code reviews and security code walkthrough efforts
• Help define overall application security strategies and procedures
• Help define operational processes to ensure predictable software development outcomes
• Refine Information Security processes and procedures
• Develop, recommend, evaluate, integrate, deploy, and maintain security tools including static and dynamic analyzers, security frameworks
• Develop, maintain security utilities and metrics dashboards that help the team to track/report on compliance
• Evaluate software security products and technologies
• Research and develop testing tools, techniques, and process improvements

Skills: App Security, Secure Design, DevSecOps Integration, Supply Chain Protection, Code Review, Security Automation, Tool Development, Risk Mitigation

• Analyze the latest attacker techniques and develop approaches
• Detect them across the company's diverse environments and endpoints
• Define, implement, and tune detection capabilities and data sources to detect and remediate malicious activity
• Work with engineering and operations teams
• Implement threat detection signals, deploy new tooling, and improve response capabilities
• Analyze security data and report on threats and incidents across various platforms and environments
• Use automation to improve identification and response time and reduce impact when an incident occurs
• Triaging, assessing, and analyzing incidents in phishing and malware
• Continuous monitoring, tuning, hardening and improvement of the existing security rules and policies
• Provide security monitoring and incident response services supporting the mission to protect Tesla
• Developing state-of-the-art security systems further
• Establishing secure coding guidelines and awareness training for software developers
• Driving security-related projects within an agile team setup
• Performing and aligning security audits, code reviews and penetration tests
• Continually monitoring software and systems for intrusions or irregular behavior
• Identification of vulnerabilities and security risks and development of improvements

Skills: Threat Detection, Incident Response, Security Automation, Malware Analysis, Rule Tuning, Code Review, Risk Identification, Secure Coding

• Build and operationalize security tools
• Suggest security improvements by assessing the current situation, evaluating trends, anticipating requirements, and supporting proof-of-concept experimentations
• Create and present functional and technical designs including data analysis, to the business team, and gather feedback to influence solution design and approach
• Implement and maintain security controls
• Participate in security incidents and help implement the containment and eradication
• Evaluate audit findings and act upon them
• Serve as an expert for the different tools built by the team
• Act as a guide and facilitator to security operations
• Build strong relationships with different stakeholders
• Cross-functional work across the enterprise to gather requirements and to attend workshops with subject matter experts
• Accountable for the timely delivery of projects as per established roadmaps by working closely with the business teams
• Strong alignment with product management and engineering teams on roadmap and product feedback
• Provide mentoring and training to peers and other colleagues in the organization
• Stay current on product developments/releases to a level required for solutioning and value realization for business

Skills: Tool Development, Security Controls, Incident Handling, Audit Response, Cross-Functional Work, Stakeholder Engagement, Roadmap Execution, Peer Mentoring

• Analyzes and defines security requirements for a variety of IT issues
• Assist with the design and implementation of solutions for IT security requirements
• Gathers, analyzes, and organizes technical information about systems, existing security products and ongoing programs
• Proactive scanning of systems, applications and services
• Identify security and compliance vulnerabilities
• Assists with the development, analysis, and implementation of security specifications
• Develops documentation to support ongoing security systems operations, maintenance, and specific problem resolution
• Work with senior engineers to review, interpret and adapt customer, regulatory and corporate security and compliance requirements into technical design options
• Participates in in-house, regulatory and industry teams including working groups, committees, incident response teams and business continuity teams
• Participates with the Enterprise Risk Management team to ensure proper identification of policy issues/violations
• Assist with the implementation of security policy, standards, guidelines, and procedures to ensure ongoing maintenance of security
• Research network products, services, protocols, and standards to remain abreast of developments in the information security industry

Skills: Security Analysis, Requirement Gathering, Vulnerability Scanning, Compliance Support, Policy Implementation, Risk Identification, Documentation, Tech Research

• Provide leadership on solution architecture, design, and implementation, ensuring it is in accordance with Intel requirements
• Create designs and technical specifications that align business needs with technical solutions while considering emerging security technologies
• Design and deploy advanced analytics and/or controls
• Innovating, creating, and deploying new detective or preventative security controls
• Recommend and drive additional security controls and align vendor roadmaps to meet Intel's current and future security needs
• Troubleshoot complex issues across multiple domains, networks, platforms, databases, and business units
• Support an Agile and DevOps approach including support for deployment and management automation, version controls, and related continuous integration, delivery, and management processes
• Install new software releases, system upgrades, patches and resolve software/system-related problems
• Apply security best practices and principles to solutions they support
• Design, develop and implement customer software solutions to support Appian’s Security Platform
• Ensure process implementation and think critically about process improvement, including monitoring performance and setting security SLA’s
• Dive deep into large volumes of security data, utilizing creative ways to find anomalies worth investigating
• Conduct security research and present findings to senior team members

Skills: Security Architecture, Control Design, DevOps Support, Issue Troubleshooting, Process Improvement, Data Analysis, Security Research, Software Deployment

• Evaluate, plan and integrate a modern Extended Detection and Response
• Conduct proactive research to monitor and analyze security attacks, intrusions and unusual, unauthorized or illegal activity
• Investigate security alerts and assist in the remediation of information security incidents
• Work with technical stakeholders to build and operate an information security operation platform that will be based on automation
• Continuously transform current solutions to embrace a hybrid cloud architecture to meet the growing demands of business
• Communicate cybersecurity risks and solutions to various technical and non-technical audiences and levels of management
• Comply with HIPAA and SOC-II, Diversity Principles, Corporate Integrity, Compliance Program policies and other applicable corporate and departmental policies
• Research/evaluate emerging cybersecurity threats, vulnerabilities, trends and ways to manage them
• Liaise with stakeholders in relation to cybersecurity issues and provide future recommendations
• Generate reports for both technical and non-technical staff and stakeholders
• Maintain an information security risk register and assist with internal and external audits relating to information security
• Assist with the creation, maintenance and delivery of cybersecurity awareness training for colleagues
• Monitor and respond to 'phishing' emails and 'pharming' activity
• Give advice and guidance to staff on issues such as spam and unwanted or malicious emails
• Identify current and emerging technology issues, weaknesses and recommend appropriate strategies

Skills: XDR Integration, Threat Monitoring, Incident Remediation, Security Automation, Cloud Security, Risk Communication, Audit Support, Awareness Training

• Review architecture and code changes for potential security issues
• Conduct technical assessments of new and existing Nylas features to identify vulnerabilities
• Collaborate with fellow Nylanauts to design and implement methods and tooling to prevent data breaches
• Analyze and respond to security-related findings from third-party pentests, compliance audits, monitoring tools, and bug bounty programs
• Manage customer-facing services, responding, resolving and triaging incoming requests
• Help manage the Incident Response Program
• Respond to network and endpoint security events as generated by multiple systems
• Maintain security monitoring, logging and auditing capabilities
• Maintain compliance with information security frameworks and regulations
• Develop and implement secure system and application configuration standards
• Identify and manage security vulnerabilities, and provide relevant guidance to other IT teams
• Analyze security requirements for projects
• Identify security risks by conducting security reviews, evaluations, and risk assessments
• Assess cloud-based products and third-party software for risk and security compliance
• Install required security patches and updates for a wide range of applications 

Skills: Code Review, Vulnerability Assessment, Tooling Development, Incident Response, Security Monitoring, Risk Analysis, Compliance Management, Patch Management

• Interface with the Information Security Product manager to understand the What and Why
• Define how and when it comes to delivering on operational team (SecOps) requirements
• Work with the teams to implement all the stories in the backlog, based on prioritisation
• Contribute SME input towards long-term strategic initiatives in line with the Security roadmap and other business priorities
• Lead and participate in Proof of Value exercises, stating technical success criteria and testing/ measuring against those requirements
• Focus on delivery by working with the Security Product manager, SecOps team/vendors, and by influencing roadmaps and release plans and contribute to the long-term vision of the Information Security Unit
• Implement continual, iterative improvements to tooling and platform capabilities
• Collaborate with the Information Security Architect to ensure best practice configurations are in place
• Troubleshoot tooling and platform issues with different vendor engineering teams
• Facilitate the onboarding and management of various log source types into the SIEM platform
• Contribute to the technical direction on all areas of the PKI domain including policies, standards, strategies, automation and governance
• Develop, maintain and publish certificate management processes and procedures to administer certificates throughout their lifecycle
• Joint point of contact for certificate questions and resolution of certificate issues

Skills: SecOps Delivery, Backlog Implementation, Tooling Improvement, PKI Management, SIEM Onboarding, Vendor Collaboration, Certificate Lifecycle, Security Roadmap

• Assess security risks over the infrastructure, architecture, applications and services that are part of the company’s technological environment
• Monitor security events for alerts within the tech stack, and investigate any potential breaches
• Routinely perform internal security tests (vulnerability assessments, penetration tests, security assessments) and security audits
• Assist in the implementation of security measures for the protection of endpoints, systems, accounts, and data
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
• Provide input for a continuous vulnerability management over the IT environment
• Work with other teams to help prepare and document standard operating procedures and protocols related to security
• Interact with other teams, to ensure the ability to find the best security solutions for the company and use case, while also ensuring compliance with legal and private commitments
• Handle security breaches according to defined policies and procedures, ensuring that all staff members are informed of the situation accordingly
• Provide topics and materials for security-focused training
• Research and propose new security tools to implement different kinds of controls and measures

Skills: Risk Assessment, Security Monitoring, Vulnerability Testing, Endpoint Protection, Incident Handling, SOP Development, Compliance Support, Tool Evaluation

• Define, implement, and maintain the Information Security Management System (ISMS) and Privacy Information Management System (PIMS)
• Plan and execute periodic risk assessments
• Work directly with the business units to facilitate risk assessment and risk management processes
• Define, review and maintain the organizational information security policies, processes, procedures and control framework
• Ensure it is adequate to address the emerging risks due to the changing environment, technology and legal requirements
• Align customer and internal information security objectives to the ISMS and PIMS
• Monitor and fulfill client contractual (MSA) information security and privacy obligations
• Monitor and fulfill legal obligations related to the protection of personal information across different jurisdictions, like GDPR, CCPA
• Prepare metrics-based periodic reports and dashboards with support from the stakeholder functions for management review
• Liaise with security vendors, suppliers, service providers and external resources for new security tools for improving security
• Lead the Information Security audits/assessments/remediation and present key risks to the management
• Perform the third-party Risk Assessment of Critical Vendors
• Conduct Information Security and Privacy awareness and training programs for the employees as part of their induction and regular awareness
• Oversee information security and privacy incident management process for incident reporting, containment, resolution and root cause analysis
• Plan and coordinate BCP and DR tests
• Set up guidelines for secure coding practices
• Recommend security and privacy controls based on a people, process and technology approach and industry best practices
• Identifying solutions or writing automation scripts for solving regular tasks or optimizing processes

Skills: ISMS Management, Risk Assessment, Policy Development, Compliance Monitoring, Audit Leadership, Vendor Risk, Privacy Training, Incident Management

• Monitor computer networks for security issues
• Investigate security breaches and other cybersecurity incidents
• Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs
• Document security breaches and assess the damage they cause
• Work with the security team to perform tests and uncover network vulnerabilities
• Fix detected vulnerabilities to maintain a high-security standard
• Stay current on IT security trends and news
• Develop company-wide best practices for IT security
• Perform vulnerability assessment and conduct penetration testing on the network, systems and applications
• Write security assessment reports
• Automate penetration tests and other security checks on the network, systems and applications
• Performing daily operational 'eyes on glass' real-time monitoring and analysis of security events from multiple sources including events from SIEM tools, network and host-based IDS, firewall logs, system logs (Linux and Windows), applications and databases
• Collaboration with Operations Engineers and technical teams for issue resolution and mitigation
• Document actions taken for audit, regulatory and legal purposes within the approved event tracking system
• Provide Antivirus and Malware protection application administration and management
• Provide vulnerability and threat application administration and management, and incorporate feedback into information security applications
• Actively contribute to all ongoing and new internal projects
• Keeping up-to-date with the latest position-related technologies

Skills: Network Monitoring, Incident Response, Vulnerability Fixing, Penetration Testing, SIEM Analysis, Malware Protection, Security Automation, Threat Management

• Working closely with the Chief Information Security Officer and the IT Security and Compliance organization
• Drive the automation of security controls into the Continuous Integration and Continuous Deployment (CI/CD) pipeline across the organization
• Assist with the design of security controls across a wide variety of infrastructures and risk tolerances
• Conduct, support, and/or analyze results from static and dynamic code analysis
• Support the Operations Leaders and work with the Security Compliance team in the execution of the Security Compliance Program
• Obtaining and analyzing data and information required for decisions in planning, scoping, risk-assessing the reviewing and/or conducting assigned testing
• Apply professional standards and responsible business judgement for the effective, timely execution of assigned tasks and team responsibilities
• Support the ongoing penetration testing activities of the global organization
• Understand the nature and dynamics of systems, products, and operations to analyze and determine inherent risks and exposures
• Analyze risks and business impacts
• Work with Arch and its business partner entities to develop cost-effective action plans to improve the control environment and operating effectiveness while maintaining security posture
• Ensure that staff work is complete to the highest professional standards and that the activities subject to review comply with the Arch’s business ethics
• Execute duties in a participative team environment with effective consideration of time, expense budgets, and project/review deadlines
• Develop security procedures, supporting tools, and reports to evaluate risks and controls
• Contribute to improving Information Security effectiveness and efficiency and to meeting customer needs by identifying and implementing improvements
• Perform gap analysis and recommendations for creating enterprise-wide process-level methods to close gaps

Skills: Security Automation, Code Analysis, Risk Assessment, Compliance Support, Penetration Testing, Security Procedures, Gap Analysis, Control Design

• Perform vulnerability scanning against systems in all stages of the SDLC
• Develop and tune SIEM alerts and configuration change alerts to proactively minimize risk to Cogito
• Review alerts and findings from SIEM, IDS, scanners, and AWS security tools
• Document and track risks, vulnerabilities, requirements, and exceptions, as well as the progress of their associated work streams
• Collaborate with engineering, product management, IT, and cloud operations teams on prioritization
• Implement remediations and mitigations, execution of information security initiatives, and consult on security topics
• Maintain dashboards and metrics to track the security posture of Cogito
• Implement, manage, and automate infrastructure and services used for security tooling
• Keep current with new technologies and threats to better inform Information Security processes and initiatives
• Manage access grants, revocations, and permissions across Cogito’s infrastructure
• Assist with responses to technical questions from customers, auditors, and internal stakeholders
• Support information security initiatives to maintain compliance with the HITRUST, PCI-DSS, and SOC 2 frameworks
• Develop Information Security procedures and data flow diagrams

Skills: Vulnerability Scanning, SIEM Management, Threat Detection, Risk Documentation, Cross-Team Collaboration, Security Remediation, Compliance Support, Access Management

• Work with operational teams on creating and implementing secure operation standards using CI/CD and DevOps abilities
• Evaluate new technologies, deploy, maintain and monitor information security systems
• Identify needs, assess risks and come up with a work plan to maintain a strong security posture
• Participate in the design and architecture of sensitive environments
• Implementing automation for investigation and response workflows
• Lead POCs and identify new solutions/systems to improve the 888 security framework
• Assume ownership of an existing backlog of technical security improvements
• Play a leading role within a small but effective information security team
• Contribute to the security incident response process and play an active role in responding to security incidents
• Perform data analysis and conduct forensic investigations 
• Promote a healthy security culture by providing comprehensive training and support to engineering teams
• Help create secure-by-design products and services for the community

Skills: DevSecOps Practices, Security Architecture, Risk Assessment, Incident Response, Automation Workflows, Forensic Analysis, Security Training, Secure Design

• Develop system documentation to convey designs and develop support documentation 
• Keep abreast of advances and developing trends and standards in technology
• Design, develop, test and implement solutions to problems involving multiple technologies, utilizing advanced specialized technical skills in the context of defined Reference Architectures
• Establish and administer standards and conventions in relevant technologies
• Stand up Microsoft Servers and other Security products
• Upgrade and patch security Equipment
• Develop interfaces from Corporate/Cloud servers to SIEM
• Assist in the identification, response, investigation, and remediation of potential breaches of and issues surrounding data security
• Consult and assist internal IT staff in proving out concepts to support the migration of existing on-premise applications and infrastructure to Azure hybrid PaaS/IaaS deployment
• Worked with the client management team to determine business needs, analyze existing infrastructure, perform gap analysis, create a plan to close gaps to migrate terabytes of data and applications to newly implemented cloud architectures

Skills: System Documentation, Reference Architecture, Server Deployment, Security Patching, SIEM Integration, Breach Response, Cloud Migration, Gap Analysis

• Identify and recommend potential areas where existing data security policies and procedures require change, or where a control is required to mitigate security risks, while working with various teams to enhance security policies and procedures
• Assist in implementing CIS Controls for hardware and Software environments
• Evaluate the best course of action for product roadmaps and/or projects based on time, cost and quality to present unbiased alternatives to stakeholders
• Develop logical and physical data models and/or other types of designs for relatively complex technical solutions to system or business problems
• Provide support for project managers relative to scope and planning for technical aspects of projects
• Provide day-to-day technical direction to staff relative to the technical aspects of a project or support function
• Serve as a technical mentor to department staff who are less experienced in the relevant technologies
• Uphold SDLC processes and ensure deliverables relative to project needs
• Review technical designs and specifications for adherence to standards
• Conduct third-party Vendor Security Reviews
• Participate in task estimation and planning

Skills: Policy Enhancement, CIS Controls, Technical Planning, Data Modeling, Project Support, SDLC Compliance, Vendor Reviews, Design Evaluation

• Further develop the Incident Response program
• Review logs/events from IDS, SIEM, WAF, NG Firewall/Web Proxy
• Identify and hunt for Indicators of Compromise within the corporate network and infrastructure
• Be part of the on-call team responsible for detecting and responding to cybersecurity incidents
• Help maintain the Secure Systems Development Life Cycle in all its stages
• Identify, resolve, and mitigate vulnerabilities on AWS and GCP cloud systems and platforms
• Secure configuration and system hardening
• Log and event analysis and alerting
• Maintain keen awareness of the cloud infrastructure security landscape and emerging threat vectors
• Perform penetration testing against the infrastructure, platform, and applications
• Manage firewalls, load balancers, and web application firewalls (WAF)
• Assist in the creation of cybersecurity standards and implementing security best practices across all technology platforms, following industry standard frameworks
• Identify and evaluate risks in the cloud infrastructure and work with stakeholders to mitigate
• Deploy and administer endpoint security solutions
• Work with CI and CD tools, and source control such as GIT and GitLab

Skills: Incident Handling, IOC Detection, Cloud Defense, Security Testing, Event Monitoring, Configuration Hardening, Network Protection, DevSecOps Tools

• Actively manage projects and drive security vulnerability remediation efforts across the organization
• Collaborate with product development and solution delivery teams to provide expertise and support for information security matters
• Accountable for the day-to-day operations of the Security Operations function
• Contribute to security planning, assessment, risk analysis, certification, and awareness activities for network and system operations
• Continuously assess, measure, and monitor information technology risk by performing network and system vulnerability assessments
• Identify weak or missing security controls and vulnerabilities
• Research and evaluate current or emerging security technologies to support the cybersecurity initiative
• Maintain compliance to security policies, standards, and procedures
• Manage cybersecurity compliance activities and implement improvements
• Responsible for identifying and collecting relevant information security metrics
• Measure performance indicators of program activities and effectively communicate status to stakeholders
• Review existing policies and procedures and work with management to keep them updated
• Support incident response processes
• Stay abreast of emerging threats, vulnerabilities, and be active in the security community
• Establish and maintain strong relationships with business units
• Proactively supports, trains, and motivates less experienced team members
• Participate in special projects and other duties 

Skills: Vulnerability Remediation, Security Operations, Risk Assessment, Compliance Management, Policy Review, Threat Monitoring, Metrics Reporting, Team Mentorship

• Support the design, implementation, maintenance and performance of information security controls for the organization’s networks, information systems and critical assets
• Support and coordinate risk assessments and security evaluations for vendors deploying either on-premises or cloud
• Ensure that Information Security for Invitae's services and infrastructure is maintained at a high level and reasonable cost without becoming an impediment to the business
• Support the detection, response, and recovery from security incidents
• Protect information, information systems, and networks from threats by using defensive measures and information collected from a variety of sources
• Identify, analyze, and report events that occur or might occur within the network
• Conduct assessments of threats and vulnerabilities to determine deviations from acceptable configurations, enterprise or local policy
• Assess the level of risk and develop appropriate mitigation countermeasures in operational and nonoperational situations
• Be an integral part of a team of PCI Compliance experts
• Be part of a team culture of continuous improvement, mentoring and learning, data-driven decisions, and accountability for delivery of key metrics and deliverables
• Partner and collaborate with business and technology teams to develop actionable solutions for security compliance, certifications, and governance
• Play a key role in the creation, revisions and ongoing compliance processes which support security policies and controls to meet PCI DSS requirements
• Expand into other security and compliance areas such as HIPAA, HITRUST, and SOC

Skills: Security Controls, Risk Assessment, Incident Response, Threat Detection, Vulnerability Analysis, PCI Compliance, Policy Development, Cross-Team Collaboration

• Develops Information Security Plans and Policies
• Helps plan and carry out TCC's information security strategy
• Develops a set of security standards and best practices for the organization and recommends security enhancements to management
• Develops strategies to respond to and recover from a security breach
• Installs and uses software, such as firewalls and data encryption programs, to protect the organization's sensitive information
• Assists computer users with the installation or processing of new security products and procedures
• Conducts periodic scans of networks to find any vulnerabilities
• Conducts penetration testing, in which they simulate an attack on the system to highlight or find any weaknesses that might be exploited by a malicious party
• Continuously monitors the college's networks and systems for security breaches or intrusions
• Installs software that helps to notify the Office of Information Security and watches out for irregular system behavior
• Following a breach, leads incident response activities to minimize the impact and conduct a technical and forensic investigation into how the breach happened and the extent of the damage
• Prepares reports of their findings to be reported to management
• Attends the workplace regularly, reports to work punctually and follows a work schedule to keep up with the demands of the worksite
• Completes all training and professional development sessions sponsored through Tarrant County College (TCC)
• Supports the values of the College such as diversity, teaching excellence, student success, innovation and creativity and service to the College
• Supports the mission, values and 3 goals and 8 principles of the College

Skills: Security Planning, Policy Development, Breach Response, Threat Monitoring, Penetration Testing, Network Scanning, User Support, Compliance Reporting

• Develops and carries out information security plans and policies
• Develops strategies to respond to and recover from a security breach and investigates security breaches
• Delivers awareness training to the workforce on information security standards, policies and best practices
• Implements network and application protections
• Installation and use of firewalls, data encryption and other security products and procedures
• Conducts periodic network scans to find any vulnerabilities and conducts penetration testing, simulating an attack on the system to find exploitable weaknesses
• Monitors networks and systems for security breaches through the use of software that detects intrusions and anomalous system behavior
• Leads incident response, including steps to minimize the impact and then conducts a technical and forensic investigation into how the breach happened and the extent of the damage
• Provides engineering support to integrate security and compliance requirements into all enterprise information systems and projects as part of the SDLC process by working closely with various IT areas

Skills: Security Strategy, Breach Recovery, Security Training, Network Protection, Penetration Testing, Threat Monitoring, Incident Investigation, SDLC Integration

• Work with Engineering teams across Zwift to provide scalable vulnerability management and assessment procedures and provide application security reviews
• Collaborate with Engineering teams across Zwift to build secure and scalable containerized architectures in the cloud
• Implement information security controls and patterns that support risk assessments and the development of secure architectures
• Collaborate with engineering teams to drive product roadmaps by providing security requirements that map security controls to service features
• Identify and mitigate risks throughout corporate and production environments
• Provide continuous technical support and escalation management for security-related issues throughout Zwift
• Identify opportunities for process improvement, including the development and implementation of internal security tools, tactics, and procedures
• Provide security awareness training and outreach to internal development teams
• Provide security-related guidance and documentation

Skills: Vulnerability Management, Application Security, Cloud Architecture, Risk Mitigation, Security Controls, Incident Escalation, Process Improvement, Security Training

• Participate in incident management issues where security tool troubleshooting is required
• Keep cyber cybersecurity infrastructure patched and compliant
• Perform major platform upgrades and installations (eg, firewall refresh)
• General troubleshooting and support for project-based queries regarding cybersecurity tool configuration requirements
• Ensure infrastructure device configuration is in line with written policy and standards
• Engage and liaise with vendors for escalated support issues and incidents
• Develop, implement, and maintain processes and procedures to help the team work efficiently and improve service levels
• Perform Information Cyber Risk Control Assessments of S&P Global high-risk systems
• Implement the current risk assessment framework and processes at S&P Global
• Coordinate with internal stakeholders such as divisional risk leads, procurement, engagement owners/vendor managers and domain partners
• Gather, review, and evaluate supporting assessment documentation (evidence)
• Reviews assessment questionnaire responses and develops resulting action plans
• Follow up with stakeholders until the assessment action items are closed or a reasonable resolution timeline is identified
• Prepare summary reports of assessment results and associated metrics
• Perform continuous risk monitoring
• Assist with the enhancement of assessment questionnaire(s) or similar assessment documentation/templates

Skills: Tool Troubleshooting, Patch Management, Firewall Upgrades, Risk Assessments, Policy Compliance, Vendor Coordination, Process Development, Risk Reporting

• Provide primary engineering design and configuration for data systems in line with Managed Services customer goals and requirements
• Evaluate new technical requirements for compatibility with the deployed system design
• Evaluate new products for compatibility and applicability to the Managed Services solutions
• Maintain current knowledge base regarding complex routing, switching
• Monitor and analyze performance across customer networks and underlying MS Tools deployments for Managed Services
• Provide high-level technical and engineering support for network performance management configurations, troubleshooting, and service restoration, along with an understanding of switching, routing as they would affect performance management
• Troubleshoot and resolve complex issues
• Provide high-level off-hours support on a rotating basis with other engineers
• Develop and oversee subordinate-level technical methods, procedures, and assist with complex technical solution designs
• Develop and document process flows
• Identify capacity and performance issues for network traffic to ensure the continued, uninterrupted operation of systems
• Maintain network monitoring applications, equipment and utilities
• Conduct testing of disaster recovery plans as they pertain to network performance management equipment to detect faults and minimize malfunctions
• Create and maintain network documentation and reports
• Act as liaison between Managed Services and other vendors (e.g., Cisco and Solarwinds) on high-level support issues

Skills: Network Design, System Configuration, Performance Monitoring, Technical Troubleshooting, Routing Switching, Capacity Planning, Disaster Recovery, Vendor Liaison

• Provide efficient and effective Infrastructure Security Operations Support of all supported infrastructure security components
• Provide timely and effective maintenance and repair support on all supported infrastructure security components
• Conduct efficient security monitoring of all supported infrastructure security components
• Firewalls and intrusion detection/prevention systems
• Ensure effective change control and configuration management of all supported infrastructure security-related components 
• Establish and maintain consistency of their performance and functional and physical attributes
• Develop and execute advanced automation and orchestration activities as applicable across several information security domains
• Manage risk identification within the technical architecture in partnership with infrastructure teams
• Keep abreast of and gain expertise in the evolving technology and understand how new technologies could be applied to the security environment
• Research, test and understand the relevant products and product capabilities
• Participate in the vendor community on relevant products and product capabilities
• Work under the guidance of more senior information security engineers

Skills: Security Operations, Infrastructure Support, Threat Monitoring, Firewall Management, Change Control, Automation Orchestration, Risk Identification, Technology Research

• Possesses strong written and verbal communication skills
• Ability to develop security standards, write concise correspondence and policy briefings for senior staff
• Experience working across multiple team(s) to deliver security solutions at enterprise scale
• Hands-on experience with implementation, configuration, management and assessment of firewalls, WAFs, and micro-segmentation technologies
• Knowledge of network and related web protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols)
• Hands-on experience with IPS/IDS/HIDS
• Hands-on experience with AWS or other Cloud Platforms
• Knowledge of network package capture and analysis techniques
• Knowledge of threat modeling or other risk identification techniques
• Knowledge of system security vulnerabilities and remediation techniques
• Familiarity with common attack patterns and exploitation techniques
• Must have Scripting Skills (e.g., TypeScript, Python, Shell, Powershell scripting) 
• Able to enhance integration, testing and implementation of Security Technologies
• Experience building security programs in large organizations

Qualifications: BS in Software Engineering with 7 years of Experience

• Must have a breadth and depth of Information Security knowledge
• Experience of leading global information security programmes and risk management practices
• Hands-on technical experience in designing and building large-scale Information Security architecture encompassing network security, web security and application security with a focus on Cloud-based systems
• Strong knowledge of API security, WAF, and Cryptography
• Strong scripting experience with JavaScript, Python or PowerShell
• Experience with Terraform, CloudFormation, and Terragrunt
• Experience with Linux and MS Windows operating systems
• Knowledge of network technologies (TCP/IP stack) and SQL
• Passion for learning, excellence, integrity and honesty
• Experience with various security-oriented IT products and general system administration
• Programming experience with Python, JavaScript, Java or C#
• Knowledge of coding practices
• Experience with systems for source code management (GIT and/or SVN)
• Experience with databases and BI systems

Qualifications: BS in Computer Science with 6 years of Experience

• Knowledge of relevant industry standards and guidelines such as ISO27001, PCI-DSS, NIST SP800-53
• Experience providing secure design advice for web-based environments and secure communication, including mobile applications, web applications and web services
• Demonstrate a broad awareness of security engineering concepts and practices across all phases of the software development lifecycle
• Technical experience with Java or a similar enterprise programming language, especially related to secure coding best practices
• Strong understanding of information security, risk and data privacy within the domain of digital commerce including relevant practical experience
• Knowledge of cryptography, including several of the following: encryption, hashing, key management, digital certificates, TLS
• Knowledge of virtualization platforms such as Amazon Web Services (AWS) EC2, VMware vCloud Director, VMware vSphere and Google AppEngine, OpenStack or Azure
• Experience of continuous delivery/continuous integration processes and procedures including critical security considerations in automated workflows
• Understand mobile security architecture concepts, design and implementation for Android and IOS
• Working knowledge and technical security experience with UNIX, Linux or AIX
• Ability to articulate and communicate effectively to diverse audiences and properly translate security and risk management terminology into business terms, and recommend alternative solutions to these stakeholders
• Strong verbal and written communication skills

Qualifications: BS in Information Technology with 8 years of Experience

• Deep knowledge of proxies, load balancers and firewalls
• Understanding the basics of network traffic flow for applications, browsing and B2B types of traffic
• Experience deploying security solutions in virtual environments such as VMWare, AWS, and Azure
• Experience and hands on knowledge with Data Loss Prevention security controls
• Ability to navigate and work effectively across a complex, geographically dispersed organization
• Exceptional communication and customer relationship skills
• Ability to build consensus and cooperation as well as to influence, interact and negotiate with senior leadership in the organization
• Knowledge of change and project management methodologies and principles and the ability to integrate them into project design
• Broad knowledge of Information Security technologies, techniques and processes
• Experience leading complex technical projects, meeting target timelines, facilitating project meetings, authoring project documentation, issues, and identifying  project resources identification
• Demonstrable ability to self-direct project outcomes, with minimal supervision, to achieve program goals
• Knowledge and experience architecting complex enterprise cybersecurity solutions for data in transit across web, email and b2b environments
• Solid experience with designing, evaluating and deploying network security solutions for outbound, inbound and lateral network traffic
• Experience in engineering web content inspection solutions using tools such as McAfee Web Gateways, Bluecoat ProxySG, Radware Alteon, F5 LTM/APM/SSLO, FireEye, NSX Defender (Lastline), and Proofpoint
• Experience deploying security solutions in email environments
• Experience integrating network security solutions with IAAS, PAAS and SAAS components such as Zscaler, O365, etc
• Experience with other third-party network security controls such as Bluecoat, FortiGate, Check Point, Juniper, F5 ASM, Cisco, FireEye, F5, Radware, Zscaler, etc.

Qualifications: BS in Electrical Engineering with 9 years of Experience

• Information Security experience in detecting technical vulnerabilities and security risks in a highly technical, hands-on environment
• Experience leveraging security analytics/SIEM technologies for log collection, analysis, and correlation rules to identify actual security threat events
• Experience using and securing cloud computing services such as AWS, Google Cloud, Microsoft Azure, and SAML/single-sign-on solutions
• Must possess a basic understanding of core modern computing functions (e.g., TCP, UDP, IPSec, DNS, routing and switching, HTTP response codes and methods, REST API basics, multi-factor authentication technologies
• Must possess a solid understanding of cryptography basics (public/private keys, TLS certificates, PKI, etc.)
• Must have experience implementing/working with Security Orchestration, Automation, and Response (SOAR) solutions
• Must be comfortable and competent using OSX and Linux workstations to effectively use common open source command line and GUI-based tools for network and general troubleshooting (Wireshark, nmap, tcpdump)
• Demonstrated history of implementing role-based access control (RBAC) security controls to ensure least privileged access
• Familiar with security controls or concepts related to various security community groups or standards such as CISSP Domains, NIST cybersecurity and privacy frameworks, CIS benchmarks, OSI model
• Proven experience within Incident Response situations
• Demonstrated ability to handle and maintain confidential information in a professional manner

Qualifications: BS in Computer Engineering with 6 years of Experience

• Must possess strong written and verbal communication skills, and be capable of understanding, documenting, communicating, and presenting technical issues in a non-technical manner to audiences with varying degrees of technical expertise
• Familiar with compliance and privacy regulations such as PCI, GDPR, CCPA, SOX, and other regulations/standards
• Leadership skills and the ability to mentor or provide guidance to teams
• Must have CISSP, CCSP, or other relevant industry security-focused certifications 
• Must be comfortable working across a geographically distributed environment
• Must maintain a high level of customer service focus, and exhibit diligence in coordinating and executing processes and procedures
• Strong analytical, problem-solving and decision-making capabilities alongside strong
• Must always exhibit integrity, self-motivation, and take initiative in a professional environment and be results-oriented
• Demonstrated track record of staying up-to-date with Information Security and threat intelligence knowledge across the security and tech communities

Qualifications: BS in Cybersecurity with 5 years of Experience

• Experience with IaaS (Infrastructure-as-Code)
• Experience managing large scale systems as an SRE
• Experience in one or more of the following technologies - SEIMs, WAFs, IDS/IPS, anti-malware, EDR, secure cloud access, vulnerability scanning platforms, FIM, DLP, and encryption
• Experience with deployment orchestration, automation, and security configuration management (Jenkins, Puppet, Chef, CloudFormation, Terraform, Ansible)
• Must have CISSP, GIAC, and CISM certifications
• Ability to apply knowledge of multidisciplinary business principles and practices to achieve successful outcomes in cross-functional projects and activities
• Highly organized, can multitask and meet aggressive deadlines, and is a team-player and team-builder who can make meaningful and long-lasting connections with others
• Ability to respond and remediate incidents
• Ability to work within large collaborative organizations
• Knowledge of and ability to apply process improvement principles
• Strong written, verbal and active listening skills
• Ability to foster effectiveness during changes in tasks, work environment or conditions affecting the organization
• Strong analytical and problem-solving skills

Qualifications: BS in Information Assurance with 8 years of Experience

• Basic software development knowledge
• Basic IT security knowledge (e.g., OWASP Top 10, network security)
• Fluent English speaking and writing skills
• Strong feedback and a continuous learning mindset
• Demonstrated ability to meet the job requirements through a comparable number of years of applicable work experience
• Strong working knowledge and understanding of cybersecurity tools, frameworks, incident management, operations, and security best practices
• Proven analytical and problem-solving abilities
• Ability to effectively prioritize and execute tasks in a high-pressure environment
• Excellent written, oral, and interpersonal communication skills
• Ability to present ideas in business-friendly and user-friendly language
• Team-oriented and skilled in working within a collaborative environment
• Advanced Endpoint Protection Solutions
• Basic project management skills

Qualifications: BS in Computer Programming with 7 years of Experience

• Experience in performing vulnerability assessment, penetration test or ethical hacking
• Experience in implementing security best practices on infrastructure in cloud and on-premise and on SaaS (hardening)
• Knowledge of vulnerability management processes
• Knowledge of networking security (architecture, protocols, VPNs)
• Knowledge of web application security and secure development (SSDLC), APIs security
• Knowledge of cloud environments (GCP, AWS)
• Ability to confidently present findings to those with either a technical or non-technical background
• Self-directed, resourceful, and a critical thinker with attention to detail and proactive problem-solving skills
• Ability to self-organise and plan activities with commitment towards results
• Ready to learn new content both from others or self-learning
• Passionate about self-improvement and suggesting improvements to processes or activities
• Must have InfoSec Certification (e.g., CISSP, CompTIA Sec, CEH, etc.)

Qualifications: BS in Digital Forensics with 6 years of Experience

• Strong foundation in Linux/UNIX
• Evidence of understanding of core OS and networking concepts
• Proficiency in command-line usage
• Intermediate experience with Shell Scripting
• Intermediate experience in/knowledge of access management systems, for example, CyberArk
• Experience with ControlMinder from Broadcom
• Experience with CI/CD, including Chef and Jenkins
• Experience with Git version control and BitBucket
• Strong written and verbal English communication skills
• Strong analytical and excellent problem-solving skills
• Experience working in an Agile environment

Qualifications: BS in Management Information Systems with 5 years of Experience

• Solid foundation in security domains such as web security, cloud services security, identity/access management, web application firewalls, intrusion detection, and static analysis and dynamic application security testing
• Knowledgeable and passionate about software development, security, and large-scale programs
• Deep understanding of the Engineering organization and can influence key partners to move Cisco ahead
• Collaborate with project managers in communicating risk and remediation measures to the business partners
• Proven understanding of security practices of various CSPs (Cloud Service Providers)
• In-depth knowledge of cloud platforms like IaaS, SaaS and PaaS
• Proven understanding of Web Application n-tier architectures, threat modeling and secure coding practices
• Security fundamentals with a solid understanding of threats, vulnerabilities, defenses, security principles and policies
• Solid understanding of security vulnerabilities and remediation detailed by organizations like OWASP, SANS, etc.
• Confirmed foundation of Secure Development Lifecycle (SDL) and a working knowledge of SDL requirements
• Experience assessing Application Security - development, implementation and maintenance of Application Security posture in an enterprise organization
• Demonstrate good communication and writing skills, and can articulate application vulnerabilities, defects, technical controls, risks, and other complex security matters with the Business in a language that can be easily understood
• Possess out-of-the-box thinking, analytical reasoning, and creative problem-solving skills

Qualifications: BA in History with 8 years of Experience

• Must have Certification in AZ-500: Microsoft Security Technologies and AZ-103: Microsoft Azure Administrator
• Enterprise working experience with Hybrid Identity Platforms with a deep understanding of Cloud Identity
• Excellent Azure AD Development and Experience
• Implementation experience with Security Malware and Phishing prevention solutions
• Deep understanding of existing phishing risk mitigation solutions
• Good understanding of OWASP top 10 vulnerabilities as it relates to secure product development
• Experience in developing product solutions seeking to minimize Security attacks and fraud in monetary transactions 
• Hands-on product development experience with web applications
• Experience in the application security space will be nice-to-have
• Strong development experience in Java and Node.js, and familiarity with databases (MongoDB or Hadoop)
• Knowledge of other technologies like PHP, Python, and Content management systems
• Working experience with product development teams in a continuous delivery developer role
• Able to deep dive into existing code to detect and remediate security flaws

Qualifications: BS in Internet Security with 6 years of Experience

• Strong technical knowledge and understanding of security concepts
• Strong technical knowledge and understanding of key technology platforms
• Working knowledge of network and security protocols including TCP/IP, SMTP, FTP, SSH, TLS, SSL, HTTP, IPSec and other VPN protocols
• Strong written and verbal communication skills
• Ability to speak and explain complex security issues to audiences without similar backgrounds
• Ability to effectively communicate business risk as it relates to information security
• Excellent time management and organizational skills to effectively meet multiple objectives
• Results-oriented, self-motivated and capable of performing several tasks simultaneously
• Strong analytical, process and troubleshooting skills
• Experience performing SIEM Management and tuning

Qualifications: BS in Telecommunications with 5 years of Experience

• Excellent writing, organizational, interpersonal and communication skills
• Able to maintain strict confidentiality
• Able to think analytically and have a high sense of urgency
• Able to look at all situations objectively and have a love for challenging assumptions
• Able to work independently without supervision
• Understanding of and practical experience with internal certificate authorities, Microsoft Windows preventive and detective controls, Microsoft Active Directory design/architecture and security, data loss/leak prevention and multi-factor authentication
• Understanding of network design, encryption/PKI, mobile security, network security technologies and vulnerability management
• Comfort with working in a fast-paced, startup-style environment
• Experience in a technical information technology role

Qualifications: BS in Engineering Physics with 4 years of Experience

• Experience in using, administering, and deploying a variety of operating systems (Windows, Linux or other UNIX variants), virtualization platforms, and cloud solutions
• Knowledge of and experience in information security and monitoring systems
• Familiarity/comfort level working with IT Security software and hardware
• Strong writing/documentation skills
• Self-starter with the ability to work independently, while having good judgment as to when consultation is needed
• Ability to work on multiple projects and perform well under deadlines
• Strong drive to learn and grow in the cybersecurity field
• Must have the ability to operate equipment such as a computer and a copy machine
• Must have the ability to communicate clearly and to read and follow detailed instructions
• Must have the ability to prepare assorted documents and other related materials
• Must have the ability to work in stressful conditions under time deadlines

Qualifications: BS in Computer Science with 6 years of Experience

• Professional experience in large enterprise environments or working to secure enterprise applications, risk management, or supply chain risk
• Ability to perform threat and vulnerability assessments and provide subject matter expertise on appropriate threat mitigation
• Experience improving threat detection using network or endpoint system capabilities
• Experience in red teaming and security tools
• Strong analytical and prioritisation skills
• Extensive understanding of Cloud Infrastructure and Architecture
• Comfort with DevOps and automation mindset and the tools (Jenkins, Ansible, Puppet, Chef, Lambda)
• Ability to build working relationships with critical stakeholders
• Ability to constructively challenge the status quo while adhering to corporate ethics and leadership principles
• Ability to execute with passion
• Able to lead and follow with Integrity, collaboratively
• Must have Certifications like CISSP, CCSP, Security+, CEH, CISM

Qualifications: BS in Software Engineering with 7 years of Experience

• Strong oral and written communication skills and comfort with presenting technical issues to all levels of management, as well as non-technical staff
• Broad technical knowledge of current and emerging technologies used both within the corporate infrastructure and in delivering customer-facing services
• Experience in performing security risk assessments and application, system, and network security
• Knowledge of the  information security industry and regulatory obligations (ISO 27001/27002, SOX, PCI, NIST Framework, FISMA, FedRAMP, HIPAA, NACHA, and SSAE-16)
• Experience in network and/or firewall engineering, administration, design and implementation
• Experience in applying methodologies and principles for all levels of security
• Experience with technologies, tools and process controls to minimize risk and data exposure
• Application development and/or source code review experience in C/C++, C#, VB.NET, ASP, PHP, PERL, Python, or Java
• Knowledge of project management practices
• Experience in large Enterprise data centers and/or networks

Qualifications: BS in Cybersecurity with 5 years of Experience

• Experience in a system administration role supporting multiple platforms and applications
• Experience with planning, researching and developing security policies, standards and procedures
• Experience with risk assessment tools, technologies, and methods
• Experience working with System Information Event Management systems (SIEM)
• General experience with communicating network security issues to peers and management
• Solid background in security architecture and a deep understanding of operating systems, VMware, Windows 7/10, Windows Server (2008 to current), Linux and cloud technologies
• Proficiency in basic network troubleshooting (LAN/WAN/wireless topologies), firewalling and reverse proxy topologies
• Experience in designing, managing and incorporating technical security controls
• Ability to deploy, tune, manage and troubleshoot endpoint protection technologies

Qualifications: BA in Information Systems with 4 years of Experience

• Hands-on experience working with structured and unstructured data in both relational SQL DB as well as Hadoop
• Working knowledge of building data models to drive advanced analytics
• Expertise with software or model development using Python and/or R
• Experience with agile methodologies
• Experience with developing Tableau dashboards and presentations
• Demonstrated project management skills
• Experience with managing data-driven approaches, from project ideation to production deployment of data processes, analytical solutions, or predictive models
• Effective interpersonal, verbal and written communication skills
• Experience with interactive visuals (Power BI, Tableau, etc.)
• Familiarity with cybersecurity best practices
• Working knowledge of Spark (Scala/Pyspark)
• Ability to work independently with minimal supervision, as well as in a collaborative team environment

Qualifications: BS in Network Engineering with 7 years of Experience

• Experience in project management in the areas of IT, Security or Operations
• Experience with advanced Excel skills (pivot tables, formulas, V-lookups)
• Experience with PCI DSS assessments
• Strong people skills to manage tasks through influence
• Working knowledge of the current regulatory and international standards organizations' IT security control frameworks and their application (PCI, HIPAA, NIST, and/or SOC)
• Ability to effectively prioritize and execute tasks in a high-pressure environment
• Demonstrated strong interpersonal skills and an ability to work with a sense of urgency
• Current knowledge of security threats, vulnerabilities, and the technologies to prevent/protect against them
• Experience in application-level vulnerability testing and code-level security auditing
• Experience working in web application security
• Experience in software development using C++ or Java
• Knowledge of security engineering, computer and network security, authentication, security protocols, and applied cryptography
• Excellent verbal and written communication skills

Qualifications: BA in Public Administration with 8 years of Experience

• Strong experience in web and mobile application security issues
• Strong experience in distributed platform development security and design In-depth knowledge of web and mobile security standards and best practices (OWASP, etc.)
• Strong foundation in core information security principles and concepts (HTTPS, TLS, OAuth, etc.)
• Experience with industry tools and technologies such as Burp, Metasploit, etc.
• Working knowledge of common languages such as Python, GO, JavaScript, Java, etc.
• Familiarity with audits and standards requirements such as ISO 27001, PCI DSS, SOC 1 and 2, MLPS, etc.
• Proven expertise in enterprise-grade and web scale security solutions Excellent communication skills
• Ability to explain complex security topics in simple terms
• Ability to lead and project manage multiple security initiatives

Qualifications: BS in Applied Mathematics with 5 years of Experience

• Expertise with cloud security controls and best practices for cloud-based systems, including operating cybersecurity tools and processes in AWS and Microsoft Azure
• Experience with Cloud computing services including but not limited to AWS, GCP, and Azure
• Strong knowledge of common information security management frameworks, such as SOC2, ISO/IEC 27001, and NIST
• Extensive knowledge and experience in the implementation of security frameworks and standards such as NIST CSF, 800-53, ISO 27001, SOC 2, and GDPR
• Ability to translate control requirements and recommendations into actionable improvements and the ability to translate technical information into business language
• Experience leading CSIRTs, incident and/or vulnerability response
• Must have Security certifications such as CISSP or CISA, or CISM
• Knowledge of Cisco IRONPORT email Security
• Knowledge of Cisco ASA, FirePower FirePass, Trust concepts and tools, including Secure Web Gateway, CASB, and Software Defined Perimeter
• Provides security education and awareness training to employees
• Knowledge of Google Workspace / O365, OneLogin, collaboration tools, CRM, finance systems, employee laptops/desktops, secure web gateway, CASB, etc.
• Ability to communicate and interface with technical and non-technical members of the organization

Qualifications: BS in Computer Engineering with 6 years of Experience

• Ability to communicate via written and verbal communication in both formal and casual situations
• Demonstrated initiative and success in providing Information Security services in a university setting
• Knowledge of Information Security principles, practices, and concepts
• Experience with Firewall, Anti-Spam, Anti-Virus, Intrusion Detection and Vulnerability Management systems
• Knowledge of Windows, Macintosh, Linux, and Unix operating systems
• Sound understanding of LDAP, Network architectures, Active Directory, and Group Policy Objects
• Experience with securing Cloud solutions, including Software as a Service (SaaS), Platform as a Service (PaaS), and Infrastructure as a Service (IaaS)
• Knowledge of TCP/IP and infrastructure-related protocols
• High-energy, detail-oriented and proactive
• Ability to function under pressure in an independent environment, but also as part of a highly productive team
• Successful track record in software development or security engineering
• Experience in regulatory compliance (e.g., PCI)
• Experience in dealing with difficult situations and making decisions with a sense of urgency
• Experience with coaching junior developers

Qualifications: BA in Liberal Arts with 9 years of Experience

• Broad security domain knowledge and understanding of security concepts
• Experience with AWS Security
• Experience with the Infrastructure as Code approach
• Experience with AWS EKS
• Experience with Google Workspace
• Ability to learn new things and show technical leadership, think in a multi cloud manner
• Experience with other cloud providers like GCP, Azure
• Understanding the requirements of ISO 27001, SOC 2, PCI DSS
• Experience with the implementation, oversight, and maintenance of the security configuration, practices, and procedures for systems

Qualifications: BS in Management Information Systems with 5 years of Experience

• Degree educated in IT, Security, or a related discipline - equivalent work experience may be substituted
• Proven experience in GDPR compliance processes
• Ability to administrate and maintain a broad set of security tools and capabilities
• Proven understanding of Microsoft infrastructure operating principles
• Ability to scope and design new network/security infrastructure
• Working knowledge of security frameworks such as NIST 800-53, ISO 27002 and SANS Critical Controls
• Knowledge and experience with UNIX, Windows, and Network Security
• Understanding of SIEM, IDS, Vulnerability Scanning, Penetration Testing, and Mobile Device Management
• Strong communication skills, time management, and analysis/comprehension
• Experience within sales / FMCG

Qualifications: BS in Cloud Computing with 6 years of Experience

• Critical thinking skills and an in-depth knowledge of network architecture, web applications, and systems to confidently challenge incorrect information
• Strong written and verbal English language skills
• Knowledge of remote access technologies and their secure implementation
• Knowledge of identity management strategy, techniques, and technologies
• Full-time experience in information technology security, including experience or training in OWASP, secure infrastructure architecture, server and network appliance O/S configuration
• Experience with a variety of security tools and controls, including firewall rule-set review, log/SIEM review, file integrity monitoring, web-application firewalls, encryption, anti-malware, forensics, and general security/risk problem-solving
• Extensive experience with relevant security standards, regulations, frameworks, and best practices such as NIST, PCI DSS, ISO/IEC 27000-series, HIPAA/HITECH, and SSAE 18
• Ability to quickly create on-the-fly summary and detail documents to outline issues, problems, or infrastructure being examined
• Expertise in Visio diagrams, PowerPoint presentations, Excel spreadsheets and Microsoft Word, etc.
• Deep experience as a technical auditor performing a complete review of system infrastructure including discovery and testing

Qualifications: BS in Telecommunications with 5 years of Experience

• Must have a certified Information Systems Security Professional (CISSP) certification
• Experience with SAFe Agile Scrum Software Development methodologies with a cross-functional team approach
• Experience with the use and operation of security tools and applications
• Demonstrated experience in analysis simulation environment, configuring/troubleshooting software/hardware enhancements, application deployments, and infrastructure upgrades in a dynamic information system hosting environment
• Must be able to communicate, converse, and exchange information with peers and senior personnel
• Must know about Endpoint security / Email security
• Extensive experience in the field of IT infrastructure/network/cloud engineering
• Able to switch when priorities change, analytical, proactive and result-oriented

Qualifications: BS in Artificial Intelligence with 4 years of Experience

• Ability to work actively and collaboratively within a team
• Strong project management, time management and communication (both technical and non-technical) skills
• Strong analytical problem-solving and troubleshooting skills
• Ability to write reports and plans
• Ability to analyze, troubleshoot, and investigate security-related information system anomalies
• Ability to conduct security vulnerability assessments against multiple types of information systems
• Experience with network and system security audits and with application security audits
• Solid understanding of Federal and State laws about safeguarding electronic protected health information, personally identifiable information, and other sensitive data types
• Experience with disaster recovery planning and certification and accreditation process
• Must have a Security certification such as CISSP or GIAC
• Previous experience working with Healthcare Information Systems
• Previous experience as a help desk administrator, systems engineer, or other IT-related function

Qualifications: BS in Software Engineering with 7 years of Experience

• Experience in information security
• Ability to identify and mitigate network and system vulnerabilities and explain how to remediate them
• Understanding of the following: OWASP Top 10 Security Risks, NIST cybersecurity framework and other related frameworks
• Knowledge of FFIEC IT examination handbooks
• Strong interpersonal, communication and customer service skills
• Ability to think critically
• Ability to work independently or in a group setting
• Understanding of vulnerability and penetration testing methodologies
• Prior penetration and vulnerability testing experience
• Knowledgeable on NIST CSF, HIPAA, PCI, NIST 800 series and ITIL process management
• In-depth understanding of common attack patterns and how systems can become compromised
• In-depth understanding of CSIRT processes, techniques, and general concepts and MITRE ATT&CK framework and working knowledge of the cyber kill chain
• Understanding of cyber risk reduction and implementation of technology, processes, governance, and organizational mechanics across the spectrum of the cyber landscape

Qualifications: BS in Information Technology with 8 years of Experience

• Experience working with IDS solutions, OSSEC/Snort 
• Experience using Terraform to deploy public cloud resources
• Experience using the AWS CLI
• Experience programming in Python
• Attained any AWS certifications, HashiCorp certifications, IT Security, or networking professional qualifications
• Experience using Splunk to build searches, dashboards and alerts
• Experience working with agile methodologies, sprints, and ceremonies
• Exposure to vulnerability management tools such as Nessus
• Able to develop a custom Security Orchestration, Automation and Response (SOAR) framework to automate the workflow
• Able to develop automation tools for incident response and other areas
• Able to work closely with Cyber Defense teams to develop and integrate custom playbooks, use cases, and workflows

Qualifications: BS in Network Engineering with 7 years of Experience

• Experience in using Infrastructure as code (IaC)
• Must have a solid foundation in Networking
• Knowledge of or at least a strong interest in information security
• Comfortable with working with the Linux command line
• Experience in Scripting or Programming
• Must have experience using Git
• Experience creating and managing CI/CD pipelines
• Experience working with Web Application Firewalls (WAF), F5 products
• Experience managing bastion hosts and Jump boxes
• Able to develop schemes and technology to secure and monitor new technologies as they are onboarded
• Able to create resources, documentation, and training materials to help both the security operations and other teams
• Able to work with other internal and external teams to forge new and improve existing partnerships that help mature the teams' techniques, tactics, and procedures (TTPs)
• Able to work with external stakeholders such as law enforcement, cyber insurers, lawyers and more
• Ability to participate in an on-call rotation

Qualifications: BS in Electrical Engineering with 9 years of Experience

• Experience with information security, regulatory compliance and risk management concepts
• Comprehensive understanding of InfoSec risk management concepts, security engineering principles and practices (e.g., COBIT or NIST)
• Demonstrates a basic knowledge and understanding of Information security principles, System Development Life Cycle (SDLC), general and IT controls, security engineering principles, and related information security policies and procedures
• Exhibits knowledge of industry regulatory standards and accreditation requirements (HIPAA, PCI, and Joint Commission)
• Comprehensive knowledge of information security regulations, standards and leading practices, including an understanding of EHR application access controls
• Good knowledge of basic database query techniques and data mining to analyze data (e.g., Excel, SQL, Quickbase, Business Objects) or other related database functionality
• Knowledge of MS Active Directory, UNIX, and Clinical Applications
• Experience implementing application-level security in clinical and financial systems (e.g., Epic, Lawson)
• Understands different firewall architectures (packet filter, application firewalls, application proxy, and VPN) and brands (Checkpoint, Cisco)
• General understanding of networking and communication techniques including WANs, LANs, Internet, Intranet, protocols, such as TCP/IP and their impact on security
• Some knowledge of security applications such as intrusion detection systems and forensics packages (EnCASE), ArcSight, Foundstone
• Understands differences in perimeter and DMZ architectures and experience with industry standards, with system architectures including various UNIX and Microsoft Windows server and desktop platforms
• Experience with application layer formats, usage and characteristics (HTTP, FTP, SSH, DNS, SMTP)
• Must know system architecture and design
• Experience with industry-standard SDLC methodologies
• Hands-on experience in Project Server methodologies, PMO project management skills, including the use of MS productivity tools (Access, Word, PowerPoint, Visio, Project)
• Experience with risk management frameworks

Qualifications: BA in Public Administration with 11 years of Experience

• Must have information security certification such as CISSP, SSCP, CCIE or CEH
• Hands-on experience in vulnerability scanning, firewall, antivirus and malware analysis, endpoint encryption, proxies, IDS/IPS, log correlation tools, SIEM, DLP, NAC, and WAF
• Technical writing, documentation, and communication skills 
• Comfortable working on both Linux-based and Windows-based system platforms
• Strong IT technical understanding and aptitude for analytical problem-solving
• Strong understanding of enterprise, network, system and application-level security issues
• Understanding of enterprise computing environments, distributed applications, and TCP/IP networks
• Understanding of the system hardening processes, tools, guidelines and benchmarks
• Working experience in a BPO contact center 

Qualifications: BS in Data Science with 4 years of Experience

• Experience in application-level vulnerability testing, penetration testing or building software security controls
• Experience in identifying and remediating common web and mobile application vulnerabilities such as OWASP Top 10, Mobile Top 10
• Experience in the use of various commercial and open source penetration testing tools
• In-depth technical knowledge of software development, security engineering, computer and network security, cloud security, authentication, security protocols and applied cryptography
• Understanding of modern IT infrastructure, cloud environments (AWS) and Linux containers and orchestration systems (Kubernetes)
• Understanding of cryptography, web service frameworks, mobile application architectures, and service architectures
• Experience with one or more programming languages (such as Java, C++, Ruby, Python, Perl, Go ) and development frameworks (Spring Framework, Swift, Kotlin, React Native, ReactJS, VueJS) for code review
• Application security certification such as CISSP, CSSLP, OSCP, CEH, GPEN
• Experience managing and enforcing security strategies and policies
• Knowledge of IT Security Strategy, Cyber Security, Compliance and Risk Management to include IT Security
• Able to provide integration of security requirements into customer process improvement efforts according to the security policy framework
• Able to create security engineering data flow designs supporting all aspects of Information Assurance and Information Security (InfoSec)

Qualifications: BS in Telecommunications with 5 years of Experience

• Work experience with Information Services and Application Security
• Detailed knowledge of security and hacking techniques, standards, and state-of-the-art capabilities 
• Experience in all aspects of security research and development of proactive countermeasures
• Basic knowledge of a Security Framework and its technology
• Experience with identity management and provisioning
• Must be familiar with managing user accounts in Active Directory
• Experience recording, tracking, and managing requests in an online ticketing system
• Analytical skills to review complex reports for anomalies
• Experience troubin leshooting complex resource provisioning or security issues
• Proficiency with general computer software
• Strong attention to detail
• Strong verbal and written communication skills

Qualifications: BS in Internet Security with 6 years of Experience

• Experience in network security, application security, and information security
• Knowledge of Information Security Standards and main issues regarding Data Privacy
• Strong working knowledge in the domains of Web and Application Security, HTTP, SSL/TLS, OWASP Top 10, CWE 25, CVSS and practical cryptography usage
• Self-motivated individual, able to work well independently as well as within an interdisciplinary engineering team
• Good command of written and spoken English
• Solid understanding of security protocols, infrastructure, and real-life operational constraints
• Experience conducting Digital forensics
• Experienced  in analyzing log data and be able to correlate data to ascertain activity
• Experienced in using SIEM and capable of performing threat hunting with SIEM and performing OSIT
• Experienced in conducting malware analysis

Qualifications: BS in Artificial Intelligence with 4 years of Experience

• Responsible for extensive requirements gathering, Elicitation and Analysis of data, content and information
• Good knowledge of Business Continuity Planning and experience in managing activities related to or as a Business Continuity Administrator (BCA)
• Basic Knowledge and understanding of Incident, Problem, Change management and ticketing tools
• Experienced in formal engineering disciplines such as Agile / SDLC
• Good knowledge and experience on project management tools like JIRA, SharePoint, etc.
• Good Reporting skills (Excel, PPT, Access, Dashboards, Trend Analysis, Comparative Analysis), for publishing metrics to various stakeholders
• Must have excellent written and verbal communication skills
• Ability to grasp new tools and methodologies quickly
• Strong knowledge of (VBScript/PowerShell/Perl/Python) scripting 

Qualifications: BA in Criminal Justice with 3 years of Experience

• Prior experience resolving OWASP top 10 static analysis findings
• Expected to lead the design and implementation of security automation
• Prior experience in one or more of the following programming languages and technologies: Java, .NET, Docker
• Experience with cloud technologies and languages (Python, Go, NodeJS, Infrastructure as code)
• Prior experience integrated with security tooling including SAST, SCA, CASB
• Knowledge in maintaining, configuration, upgrades of Bluecoat Proxy SG S500, S400, S200, MC400-30 and configuring the CPL code as per design
• Troubleshoot, identify and resolve proxy issues
• Good knowledge of TCP, HTTP, and SSL protocols and headers, as well as packet-level protocol analysis capabilities
• Strong knowledge and experience in the areas of IP routing, switching, load-balancing, and advanced network automation techniques and solutions
• Strong knowledge in the development of secure Network architectures and standards

Qualifications: BS in Applied Mathematics with 5 years of Experience

• Demonstrate advanced understanding of business processes, internal control risk management and related standards
• Must be able to work under pressure and meet deadlines, while maintaining a positive attitude and providing best-in-class client service
• Excellent written and verbal communication skills, interpersonal and collaborative skills
• Ability to communicate security and risk-related concepts to technical and non-technical audiences
• Ability to manage complex issues and develop solutions
• Strong experience with the application of advanced network-based technical security controls in large enterprise network environments
• Experience in related information security technology areas, including vulnerability assessment, ethical hacking, and application security
• Knowledge of DNS, DHCP, proxy technology, and Unix-based network appliances
• Experience with large-scale enterprise security solutions spanning multiple business functions and geographic locations
• Ability to work periodic after-hours work including participation in an on-call rotation
• Demonstrated enterprise experience in the change management process
• Strong working knowledge of providing/understanding network security documentation

Qualifications: BS in Network Engineering with 7 years of Experience

• Experience working in the Security / Risk / Fraud space to build end-to-end security solutions to reduce monetary losses due to security loopholes and fraud
• Ability to conduct deep dive investigations into Security / Fraud / Risk abuse patterns in the product code
• Experience working with Big Data systems and Data analysis techniques
• Knowledge of the integration of Security automation solutions with systems like GitHub and Open Source Security solutions
• Ability to analyze the reports / troubleshoot issues with Blackduck and Twistlock implementations in on-Prem / AWS Cloud environments
• Working experience in application security and development
• Strong experience with Fortify, Contrast, BlackDuck, SonarQube, AppScan
• Experience with version control tools such as git and Bitbucket
• Experience with SAST tools, such as Fortify, and providing workable recommendations
• Must be familiar with OWASP Top Ten
• Understanding of Vulnerability Governance and Reporting Process
• Understanding of tools such as Maven, Gradle, etc
• Solid development background in Java, Java EE, Spring
• Strong problem-solving and analytical skills

Qualifications: BS in Electrical Engineering with 9 years of Experience