YPO

IT Security Engineer

Job ID
2021-2023
# of Openings
1
Job Locations
US
Posted Date
2 months ago(5/27/2021 10:02 PM)

Overview

This role protects the confidentiality, integrity and availability of YPO information technology assets by minimizing security risks within the organization’s infrastructure. Designs, implements and maintains security controls on YPO systems.

Responsibilities

• Design and implement security architecture to protect the CIA of YPO assets against unauthorized access, service outages and cyber-attacks.
• Install and maintain software intended to notify of unauthorized access, intrusion attempts, vulnerabilities and malicious or irregular system behavior.
• Implement and maintain cloud-based governance controls.
• Deployment of security best practices and the creation of SOPs that support them.
• Configuration management and administration of security tools and software.
• Lead containment efforts to minimize incident impact and forensic investigations to identify the origination of incidents as a member of the CSIRT. Follow the IRP to escalate to the Technology Operations Director and engage with 3rd parties as needed.
• Attend regular meetings with security partners to improve security posture.
• Implement automation for repeatable tasks where possible.
• Work with infrastructure team to mitigate identified vulnerabilities and threats.
• Continuous hardening of endpoints, infrastructure, databases and applications.
• Promptly resolve security related requests in the security queue.
• Produce reporting metrics to measure the effectiveness of the security controls.
• Participate in the selection, deployment and administration of security tools and partners that improve security posture.
• Keep abreast of security industry trends, emerging cyber security threats, security tools, best practices and applicable compliance regulations.
• Review the technical architecture of new projects for compliance with security standards.
• Provide guidance to software development teams to incorporate security best practices.
• Continuous tuning of alerting and notification systems.
• 24/7 escalations response.

Qualifications

• Ability to function within an Incident Response Team (IRT) for detection, containment, remediation and reverse malware analysis and exploit research.
• Experience working within or partnering with a SOC.
• Extensive working knowledge of cloud infrastructure, virtual platforms, encryption technologies, endpoint protection, network systems such as routers, firewalls and load balancers, email transport systems and related security controls.
• Strategic planning to harden systems and close vulnerabilities.
• Understanding of database and operating system security.
• Knowledge of networking protocols and commonly used ports.
• Awareness of potential attack vectors such as XSS, social engineering, phishing, etc.
• Hands on experience with firewalls, MFA, VPN, DLP, IDS/IPS, IAM, log management, content filtering, malware prevention/removal, honey pots, endpoint security, SIEM.
• Knowledge of disaster recovery, computer forensics and risk assessment concepts.
• Ability to read and understand malicious codes.
• Ability to work within an environment of frequently changing priorities.
• Analytical, detail-oriented, problem solver.


EXPERIENCE/BACKGROUND
• 2 years hands on experience managing security tools in an information security role.
• Experience as a system admin supporting multiple platforms and applications.
• Experience working in a SOC or partnering with an MSSP
• Experience as a member of an incident response team.
• Globally diverse environment with 24/7 SOC.


EDUCATION/TRAINING/CERTIFICATION
• Bachelor’s Degree in Information Technology, Cyber Security, Computer Science, System Engineering or equivalent work experience.
• Industry recognized certifications in information security with at least one obtained from ISACA, ISC2, GIAC, EC-Council, or CompTIA.

 

PHYSICAL REQUIREMENTS
• Ability to work flexible and/or extended hours as needed to accommodate members and team members in multiple time zones.
• Ability to work for extended hours at a computer screen.
• Willingness and ability to travel, domestically and internationally, without restrictions, approximately 5% per year.

EOE

YPO is an equal opportunity employer. YPO takes pride in supporting a diverse workforce and demonstrates this through its policies and practices. YPO does not discriminate in recruiting, hiring, training, promotion or other employment practices for reasons of race, color, religion, gender, national origin, age, sexual orientation, marital or veteran status, disability or any other legally protected status.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Connect With Us!

Not ready to apply? Connect with us for general consideration.