Previous Job
Previous
Information Security Engineer III
Ref No.: 17-00079
Location: Spartanburg, South Carolina
Position Type:Direct Placement
Experience Level: 5 Years
Start Date: 07/17/2017

Overview

The Senior Information Security Engineer III role leads the identification, analysis, and management of security related risks across the organization. This role will conduct risk assessments and security architecture reviews on new products and processes, lead any analysis and prioritization efforts to improved incident management and cyber security, ensure consistent and robust security risk management practices are being followed based on the defined framework and methodology, develop security related risk strategies, programs, policies and processes, assess Cyber Operations (incident management, threat intelligence, forensic analysis, etc.) conduct Compliance Assessments (PCI, GLBA, HIPAA, etc.)  and mentor junior level analysts.

Responsibilities

Essential Functions

  • Responsible for developing integrations between enterprise identity management and target systems
  • Investigates and implements process and performance enhancements to existing code base
  • Works with Identity Management architect to design new integration's
  • Develops and executes functional test scripts
  • Generates work estimates for use in project planning activities
  • Supports application change process
  • Report on development activity status to senior team members
  • Provide application usage guidance for L1 support staff
  • Submit, update, and track support requests with software vendors
  • Follow project management and SDLC disciplines to insure structured and effective implementations
  • The preferred candidate would be current in the latest development technologies including Java & J2EE, Active Directory, Web application server implementation/deployments, LDAP, and Identity Management with a history of hands-on development skills in these areas.

Other Duties and Responsibilities:

  • Design and Implementation
  • Design, develop, and test custom implementations
  • Investigate vendor-provided connectors for future integrations
  • Create, maintain, and execute test plans for new and modified components
  • Participate in code and configuration review processes
  • Provide development guidance to junior team members
  • Follow SDLC process and team best practices in all activities
  • Maintain up-to-date knowledge on all internal best development practices as it relates to IT Security.
  • Work with internal/external developers as required making sure they are following and implement IT security best practices.
  • Develop as needed coding to support IT security based applications utilizing the IT security application tools.
  • Operational Support /Management
  • Support all audit, SSAE16 and other related data inquires.
  • Maintain training materials for system users
  • Investigate issues reported by L1 support and provide remediation guidance
  • Support change process to migrate updates to Production
  • Required to handle as required on-call support for identity management systems.

Qualifications

Qualifications

  • Bachelor degree in Management Information Systems (MIS), Computer Science or related field
  • 7+ or more years of Information Security or IT audit experience
  • In-knowledge of intrusion detection/prevention systems and network architecture;
  • Knowledge of asset, configuration, and data security management best practices
  • Knowledge of Cloud Security Methodologies and deployment approaches, and ability to engage in security discussions pertaining to Private/Public Cloud Providers, and IaaS, PaaS, and SaaS models
  • Knowledge of threat vector analysis, modeling, and attack trees in designing cyber security controls
  • Experience in, or knowledge of Audit and Assessment of 3rd Party Providers, including onsite assessment, SOC Reviews, and reviews of BITS SIG, or Cloud Security Alliance (CSA) documentation

Preferred Qualifications

  • Experience in in information security technology such as firewall, intrusion detection systems (IDS), Identity Access Management (IAM), anti-malware and SIEM technologies
  • Knowledge of Network and TCP/UDP architecture
  • Strong written and verbal communication skills, ability to effectively communicate across all levels of the Company and attention to detail
  • Prior experience in a compliance and regulatory environment related to security and privacy including security compliance standards across industries such as; GLBA, PCI, ISO 27001, HIPAA, SOC, SOX
  • Certifications: CISSP or CISA preferred.

Travel - This position will require up to 5% local travel.