Senior Information Security Engineer
Loy Logic
1d ago
source : Shine

As Senior Information Security Engineer you will report to the IT Service and Security Director and work closely with Development, Product and other teams across the organization to assure vulnerabilities within the enterprise are identified, validated and mitigated in a timely manner.

In addition, you will validate compliance with information security policies and standards by conducting regular audits of the Organization.

You will work independently with Hosting / Infrastructure administrators, IT / Product owners and other colleagues to ensure secure design, development and implementation of applications and networks.

What you will do

Monitor and respond to alerts indicating security incidents and research new and emerging threats to preemptively eliminate the possibility of system breach

Conduct both self- assessments and coordinate third party risk assessments of technology infrastructure and operational processes and controls for assigned areas

Conduct recurring scans and audit and track mitigation activities through to completion.

Conduct scheduled, targeted IT compliance audits and vulnerability scans and pen tests for the organization

Provide remediation guidance and recommendations and coordinate with Development Operations, IT and other teams as needed to provide oversight to the remediation and / or mitigation of enterprise vulnerabilities

Establish appropriate security and compliance management calendar, schedule engagements and track activities to completion.

Maintain history of scans and activities for future reference

Maintain and report out on the Information Security Risk Register

Manage and maintain ISO 27001, PCI DSS, GDPR and any future security standards and compliances. What you will need

5+ years of Information Security and Vulnerability assesment Penetration testing experience

Bachelor s degree or equivalent in a related field

Direct experience with maintaining and utilizing common commercial and open source vulnerability scanning and security auditing tools (BurpSuite, Nesuss, Nexpose, OpenVAS, Nmap etc.

in both cloud (AWS) and conventional environments

Thorough understanding of network defense technologies, TCP / IP networking, Active Directory, DHCP, DNS, network security monitoring tools, WAF, secure engineering principles and technical security testing methodologies

Experience with one or more scripting languages (Perl, Python, or other) in an incident response environment

Extensive Linux and Unix experience including deep knowledge of file system layout, log file analysis, timeline creation, and common configuration deficiencies

Desktop, server, application, database, and network security hardening principles and practices for threat prevention

Experience with ISO 27001 and PCI DSS implementation, certification and maintenance

Knowledge of methods for on- going evaluation of the effectiveness and applicability of information security controls (e.

g., vulnerability testing, and assessment tools).

Familiarity with classes of vulnerabilities, appropriate remediation, and industry- standard classification schemes (CVE, CVSS, CPE).

Effective communication and presentation skills with demonstrated ability to prepare documentation and presentations for technical and non- technical audiences

Must be a critical thinker, with strong problem- solving skills

High level of personal integrity, as well as the ability to professionally handle confidential matters, and show an appropriate level of judgment and maturity

Self- starter, positive attitude, ability to work independently, enjoys learning and staying current with industry developments, regulations and best practices.

What we have Loylogic is the world s leading innovator and creator of points experiences, insights, commerce and engagement.

By tantalizing members with more choices and arming programs with insights on behavior anticipating both present and future needs we deliver powerful solutions that amplify engagement and build loyalty.

Our goodies for you

Competitive salary dependent on experience

Office location on a non traffic road

Chief Joy Officer and Personal Coach

Internal incentive program

Anniversary bonus

Annual Team Outing and regular Team events

My Email
By clicking on "Continue", I give neuvoo consent to process my data and to send me email alerts, as detailed in neuvoo's Privacy Policy . I may withdraw my consent or unsubscribe at any time.
Application form