Senior Security Engineer (ID Analytics) at Symantec
Posted in Other 30+ days ago.
This job brought to you by America's Job Exchange
Type: Full Time
Location: San Diego, California
ID Analytics is a leader in credit and fraud risk solutions with patented analytics, proven expertise and up-to-the-minute insight into consumer behavior. Founded in 2002, with a vision to think differently about how institutions solve the problem of verifying consumers identities, we now solve a full range of identity challenges, including assessing credit risk and improving online customer experience. Our tools help our clients protect themselves and their customers from identity risk and fraud. Our solutions are all powered by analytics, but it s our access to data unseen by other bureaus that differentiates our solutions. ID Analytics is a Symantec company.
We are looking for an experienced Senior Security Engineer to join our team.
The Senior Security Engineer position is part of the Information Security team at ID Analytics and will be responsible for configuring, deploying, and maintaining security technologies aimed at protecting the company s information technology assets and data. In addition, this role will be responsible for monitoring security sensors and reviewing logs to identify potential security threats and vulnerabilities and will ensure that the output from security tools can be consumed and actioned by the appropriate teams. More specifically, the team is responsible for identifying, documenting, and assessing Information Security risks within the environment and partnering closely with the key stakeholders across the company to perform required remediation. We are looking for a very self-driven individual with excellent hands-on technical ability combined with strong teamwork and communication skills.
* Partner with stakeholders across the company to align on security technologies and initiatives.
* Review software and hardware to ensure security requirements are met, and provide recommendations on new security software and hardware investments.
* Actively lead proof-of-concepts for new security technologies by developing and maintaining standards and selection criteria to identify appropriate security solutions to support strategic operational needs and security requirements.
* Monitors, evaluates, and maintains complex security systems according to industry best practices to safeguard internal information systems and databases.
* Assess networks and systems to identify, report on, and provide guidance in remediation gaps by recommending mitigating controls.
* Interface with all levels of business within the organization to identify, define, document, and implement risk assessment solutions to improve overall risk posture.
* Design, configure, and implement processes to alert of potential issues that impact operations not working as designed or intended.
* Develop and implement detection use cases to detect potential security risks and assist with incident response activities, as required.
* Review potential vulnerabilities to determine impact and collaborate with key stakeholders to perform required remediation activities.
* Provide technical leadership and mentoring to team members.
* BS in Computer Science or a related field. An equivalent combination of education and experience may be substituted for the degree requirement.
* At least five years of experience in information security or information technology.
* At least two years of experience in security related technologies (i.e. antivirus, IDS/IPS, firewalls, SIEM, FIM, database monitoring, etc.). Hands-on experience with multiple security tools and technologies that cover a breadth of security disciplines.
* At least two years of experience in Linux and Windows administrator and/or network administrator.
* At least two years of experience in one or more scripting languages (i.e. Perl, Ruby, python, etc.) with the ability to write complex scripts.
* Experience in securing and developing security policies for cloud-based infrastructure (i.e. Azure, AWS, etc.)
* Technical proficiency in regular expressions.
* Experience in designing and building enterprise monitoring capabilities.
* Hands-on experience in designing, implementing, and operationalizing output from various security technologies to make the information actionable for internal customers.
* Hands-on experience in integration of disparate tools. Technical proficiency in API calls to enable integration.
* Familiarity with generally accepted information security governance framework (i.e. PCI DSS, ISO 27001, etc).
* Demonstrated ability to troubleshoot issues in a complex technology environment.
* Strong problem solving skills.
* Excellent communication (both oral and written), organizational, and customer service skills. Ability to interface with all levels within the organization, vendors, customers, prospective clients, auditors, etc.
* Capable and self-motivated to quickly learn new technologies (scripting languages, technology frameworks, etc).
* Previous experience working a highly regulated industry that collects personally identifiable information (PII).
* In-depth knowledge and expertise in one or more security disciplines: vulnerability management, patch management, configuration management, threat monitoring, identity and access management, data loss prevention, database monitoring, file integrity monitoring, incident response, etc.
* Previous experience in representing security on Change Advisory Board (CAB) to provide approval for technology changes required for the business.
Symantec is an equal opportunity employer. All candidates for employment will be considered without regard to race, color, religion, sex, gender identity, sexual orientation, national origin, physical or mental disability, veteran status, or any other basis protected by applicable federal, state or local law.