You will be tasked with securing all of our enterprise systems from the edge, including CDN and firewalls, all the way through to the datacenter, enterprise applications, and all the end-point devices. All of our enterprise software is developed in-house and will require you to work directly with the software teams to ensure we are following all appropriate security guidelines. You will lead the compliance efforts for PCI and privacy (CCPA/GPDR) within the technology department and assist the rest of the company in their efforts to comply. You will lead a cross-functional team that aims to keep all areas of Technology involved in keeping our enterprise posture highly secure.
- Maintaining our suite of software tools along with the recommending and implementing new tools or additional features as you continue to help build up our security posture.
- Monitor various sources for threat data and vulnerabilities so we can proactively apply changes or fixes to remediate.
- Audits performed by the security team on our various platforms will be vital to maintaining that security posture, in addition to ensuring we verify fixes and patches have been properly applied.
- Advise different departments on how to best support compliance efforts including such things as working with HR to keep training up to date and helping our legal department with data privacy concerns. .
- Improving how all of the preceding is monitored, reported, and turned into actionable data will be key to taking the security program to the next level.
- Scanning software (Tenable)
- Cisco Security Tools (AMP, Firesight, Stealthwatch, Umbrella)
- Sophos Antivirus
- Imperva CDN
- Linux, Unix, and Windows operating systems
Required Skills and Experience
- Bachelor’s degree or higher
- 3+ years of IT security experience including PCI
- CISSP® - Certified Information Systems Security Professional
- GSNA - GIAC Systems and Network Auditor
- GSEC - GIAC Security essentials
- GISP - GIAC Information security professionals