This is a key role in the US Information Security team for a multi-national Software company with multiple business units, under the guidance of the Director of Enterprise Technology & Tools.
- Engages stakeholders in managing the Information Security Program and ensure that all tasks of the function are achieved in a timely manner.
- Provide analysis and guidance regarding threats, vulnerabilities, and privacy and security incidents using Splunk, Nessus, Nexpose, Microsoft ATP.
- Analyze proposed solutions architecture, technology, design and IT development processes to identify potential threats and vulnerabilities, and to recommend options that enhance the security of solutions and business processes.
- Participate in, or lead testing, evaluation, upgrade and implementation of new and existing security applications to address emerging threats and vulnerabilities.
- Implement and update the Information Security Policies, identify gaps and recommend and facilitate the mitigation of the gaps in line with industry standards and best practices.
- Participate in Change Management, Problem Management, Configuration Management, and Inventory Management activities as necessary.
- Familiarity with IT Security(Linux/Kali, MetaSploit, Burpsuite, EnCase, Splunk ES)
- CISSP, CISM or GIAC certification preferred.
- A minimum of 5 years broad experience across all IT Security Domains.