- Web Application Vulnerability Management
- Security online webbased portal for renters
- Security & admin the system
- Penetration tester
We are seeking an Information Security Engineer to focus on Web Based Vulnerability Management, supporting information security maturity and making security actionable and relevant to the business.
The Information Security team is responsible for managing security tools, security initiatives and programs, and mitigating risks. This is a highly technical, hands-on role that requires a wide and deep experience in the technical aspects of security as well as the soft skills needed to move at the speed of business. This position requires practical knowledge of security technologies, operations and concepts as well as data privacy and protection.
- Develop a set of security standards and best practices for the organization and recommend security enhancements to management as needed; develop strategies to respond to and recover from security incidents/breaches; educate the workforce on information security through training and building awareness.
- Install and use software (e.g. firewalls, data encryption programs) to protect organization's sensitive information; assist with installation or processing of new security products and procedures.
- Conduct or manage penetration testing, in which simulated attacks on systems are highlighted to find any weaknesses that might be exploited by a malicious party.
- Manage security tools that help identify intrusions and watch for irregular system or user behavior.
- Lead technical and forensic investigation into how the incident/breach occurred and the extent of the damage; prepare reports of findings to be reported to management.
- Bachelor’s degree from an accredited university required; Computer Science program strongly preferred
- 4+ years experience as an engineer, implementing and monitoring security measures for the protection of computer systems, networks and information
- 4+ years experience identifying and defining system security requirements
- Ability to research, architect and drive complex technical solutions consisting of multiple technologies
- Thorough understanding of the latest security principles, techniques and protocols
- Experience with data stream and data messaging services including syslog, web API GET calls, JSON, etc.
- Experience with data management technologies (e.g. SQL Studio, Data Synchronization Studio)
- Working knowledge of network protocols and Wintel/Linux/Unix system internals and transport protocols (TCP, TLS, HTTP/S, UDP)
- In addition, the ideal candidate must have strong communication and problem solving skills. Must be able to build and maintain relationships with varying levels of management within all departments. Our ideal candidate will have two years of information security consulting experience with large professional services firm and some exposure to the Okta and Azure AD platforms.