Senior Security Engineer

US-AZ-Phoenix
Company
University of Phoenix
Job Family
Information Technology
Virtual Eligible
No
Requisition ID
2017-9339
Position Type
Full-Time

Overview

Responsible for ensuring the security of information across the enterprise. Interacts closely with customers, software developers, enterprise architects, information security, internal audit, compliance, and other key stakeholders in order to build information security strategies and programs. Contributes to enterprise-level policies and standards, lead incident response activities, and remediate security issues. Improves the ability of the organization to protect the confidentiality, availability, and integrity of the Company's and our customers' information assets. Responsible for various technologies to produce coherent technology strategies and architectures. Acts as the primary lead for implementing and configuring security tools within the Apollo Technology space. Implements the framework for security standards and compliance of Apollo’s systems, infrastructure & solutions. Provides feedback and consultation to the Security Architecture team, as well as project teams and ongoing projects and initiatives, integrating optimal security controls as appropriate and required.

Responsibilities

  • Act as a primary point of contact for all issues related to Information Security Operations and technology.
  • Manage multiple security projects simultaneously.
  • Maintain hardware and software tools used to support Information Security Operations functions.
  • Act as a technical security advisor for less experienced Security Analysts.
  • Lead incident response and investigations of suspected information security events, misuse or compliance reviews and provide root cause analysis within documented incident reports.
  • Assist in responses to internal and external compliance audits, e-Discovery data collection, penetration tests and vulnerability assessments.
  • Coordinate maintenance of security-related systems (Anti-Virus, Logging, Content filtering, Intrusion Prevention, Security Incident and Event Management, Syslog, etc.).
  • Maintain general working knowledge and awareness of concepts such as Identity & Access Management (IAM), Access Controls, Authorization, Encryption of data at rest / in transit, multi-factor authentication, web application firewalls, etc.
  • Maintain runbooks for Information Security tools and create new runbooks for newly implemented security technologies.
  • Review system designs and architectures and make security-related recommendations.
  • Validates and tests existing security infrastructure to establish continual improvements and enhancements.
  • Recommend enterprise-level information security policies and standards.
  • Responsible for training new Security Analysts on Apollo’s cutting edge security tools.
  • Coordinate changes for the Information Security tools and submit all change requests through the documented change control process, while also participating in the established change control process.
  • Document and maintain appropriate OLAs/SLAs within Apollo Technology.
  • Provide input and assist in collection of established metrics for reporting.
  • Conduct analysis on existing and emerging threats and provide appropriate recommendations for remediation.
  • Participate in an on-call rotation in support of the 24/7 Security Operations Center.
  • Performs other duties as assigned or apparent.

Qualifications

Basic Requirements:
• Bachelor’s degree (preferably in Computer Science, Business or related area) and/or a combination of:
o Equivalent education or training in related disciplines
o 10+ years progressive experience in Information Security related roles
o Security related certifications e.g., CISSP, CISM, CISA
• Minimum of 6 years direct and hands-on experience with network and Security components, including firewalls, intrusion detection systems, anti-malware products, e-Discovery and forensics tools and products, data encryption, VPN's, vulnerability scanners, multiple operating systems (Windows, UNIX, Linux, etc.), and directory services (Active Directory, LDAP)

Additional Qualifications:
• Demonstrate strong communication skills required to discuss and present complex engineering principles

• Subject Matter Expert (SME) level knowledge of security tools, trends, methodologies, and best practices for securing platforms and operating systems at the server, client, and handheld level.
• Expert knowledge of information security risks and counter-measures for Windows and Unix/Linux platforms
• Experience with risk management methodologies and frameworks
• Demonstrates the ability to create and manage Security solutions with a high degree of integration
• Strong understanding of regulatory requirements (PCI, SOX, GLBA) and how they impact information security functions

• Intimate knowledge of industry frameworks related to information security (e.g. ISO 27000, NIST, etc.)
• Demonstrated ability to work effectively in a collaborative team environment as an individual contributor.
• Ability to provide support after normal business hours, as needed.
• Resourceful, creative, innovative, results driven, and adaptable
• Open to potential travel when/if the position deems necessary

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on Your Newsfeed

Need help finding the right job?

We can recommend jobs specifically for you! Click here to get started.