Information Security Engineer III

About The Position

Requirements

• Bachelor degree in Management Information Systems (MIS), Computer Science or related field
• 7+ or more years of Information Security or IT audit experience
• In-knowledge of intrusion detection/prevention systems and network architecture
• Knowledge of asset, configuration, and data security management best practices
• Knowledge of Cloud Security Methodologies and deployment approaches, and ability to engage in security discussions pertaining to Private/Public Cloud Providers, and IaaS, PaaS, and SaaS models
• Knowledge of threat vector analysis, modeling, and attack trees in designing cyber security controls
• Experience in, or knowledge of Audit and Assessment of 3rd Party Providers, including onsite assessment, SOC Reviews, and reviews of BITS SIG, or Cloud Security Alliance (CSA) documentation

Nice To Haves

• Experience in in information security technology such as firewall, intrusion detection systems (IDS), Identity Access Management (IAM), anti-malware and SIEM technologies
• Knowledge of Network and TCP/UDP architecture
• Strong written and verbal communication skills, ability to effectively communicate across all levels of the Company and attention to detail
• Prior experience in a compliance and regulatory environment related to security and privacy including security compliance standards across industries such as; GLBA, PCI, ISO 27001, HIPAA, SOC, SOX
• Certifications: CISSP or CISA preferred.
• The preferred candidate would be current in the latest development technologies including Java & J2EE, Active Directory, Web application server implementation/deployments, LDAP, and Identity Management with a history of hands-on development skills in these areas.

Responsibilities

• Responsible for developing integrations between enterprise identity management and target systems
• Investigates and implements process and performance enhancements to existing code base
• Works with Identity Management architect to design new integration's
• Develops and executes functional test scripts
• Generates work estimates for use in project planning activities
• Supports application change process
• Report on development activity status to senior team members
• Provide application usage guidance for L1 support staff
• Submit, update, and track support requests with software vendors
• Follow project management and SDLC disciplines to insure structured and effective implementations
• Design, develop, and test custom implementations
• Investigate vendor-provided connectors for future integrations
• Create, maintain, and execute test plans for new and modified components
• Participate in code and configuration review processes
• Provide development guidance to junior team members
• Follow SDLC process and team best practices in all activities
• Maintain up-to-date knowledge on all internal best development practices as it relates to IT Security.
• Work with internal/external developers as required making sure they are following and implement IT security best practices.
• Develop as needed coding to support IT security based applications utilizing the IT security application tools.
• Support all audit, SSAE16 and other related data inquires.
• Maintain training materials for system users
• Investigate issues reported by L1 support and provide remediation guidance
• Support change process to migrate updates to Production
• Required to handle as required on-call support for identity management systems.