Senior Systems Security Engineer

US-TX-Dallas
Requisition ID
2017-4354
# of Openings
1
Category
Technology

Overview

This position will provide leadership and technical expertise in designing, planning, implementing, managing and supporting enterprise systems security to include incident response.

Responsibilities

  • Coordinate with Business Units, including IT, to ensure proper security of all systems and data
  • Assist with creating, documenting, disseminating and enforcing security policies, procedures, and standards.
  • Perform information security risk assessments and serve as security expert for internal and external security audits
  • Perform information security risk assessments for vendor risk management processes
  • Perform internal penetration testing and oversee third party penetration testing (vendor selection, scope, address findings, etc.)
  • Palo Alto experience to facilitate rule review, firewall change request appropriateness, and ownership of security-layer rules (ex. IPS and Antimalware).
  • Review and analyze IDS/IPS, Firewall, Antimalware, and other critical logs along with output from security tools in order to identify potential malicious activity and possible misconfigurations that could lead to data loss.
  • Research and advise the organization of current information security technologies, related regulatory requirements, industry standards and relevant security topics, issues and risks
  • Develop detailed documentation and reporting of security and networking metrics to ensure that there are no gaps in the security infrastructure.
  • Identify, plan and lead security projects and tasks necessary to assess, optimize, proactively manage and maintain security of enterprise systems and infrastructure. Recommend best practices on all IT initiatives from a security perspective
  • Provide technical guidance of compliance efforts for enterprise, client and regulatory security/privacy rules, requirements and best practices
  • Efficiently troubleshoot all security related issues and problems to ensure a timely identification of root cause, appropriate resolution and detailed documentation and briefing of the incident to applicable entities
  • Implement new security technologies
  • Train and mentor team members in a matrix management model
  • Work with third parties and internal teams to develop security architecture and provide guidance for deployment of new technologies and integration with existing technologies. Examples include microsegmentation (ACI) and Hadoop projects.
  • Complete any other assigned tasks as necessary

Qualifications

  • Minimum of 10 years of demonstrated experience in information security, privacy or a data protection-related function, and systems engineering
  • Experience working with Encryption, Internet Security, Network Access Control, Data Leakage Prevention, Security Configurations and Risk Assessment, plus proven skills with tools and techniques used to provide security controls and monitoring is required
  • Demonstrated understanding of how data flows through an organization, associated risk and appropriate mitigating security controls/actions to take
  • Proven knowledge of and experience with security technologies such as intrusion detection/prevention, event management, and encryption
  • Proven knowledge of security frameworks (ISO 2700x, NIST, COBIT)
  • Proven knowledge of the U.S. privacy and security regulatory landscape ( HIPPA, GLBA, etc.)
  • Preferred knowledge and experience with HITRUST controls for compliance and/or HIPAA compliance programs
  • Ability to correlate enterprise risk with appropriate administrative, physical and technical security controls
  • Experience working with vendor management and associated privacy and security controls
  • Technical knowledge: Windows Active Directory, UNIX, Cisco, Network/Host-based IDS, SIEM, DES encryption, Digital Certificates, SSL, VPN, IPSec, TCP/IP, DNS and web security architecture, Antivirus/Antimalware and content management tools
  • Strong knowledge and experience with diagnostic tools, enterprise applications, TCP/IP and networking
  • Experience hardening and securing cloud and microservice environments; email (prem on off prem); VMware and VDI environments; MDM environments; Application servers ( IIS, Apache, Tomcat, Weblogic)
  • Scripting experience (JavaScript, Perl, Python)
  • Excellent communication skills, both written and oral
  • Security Tool Experience (preferred): Palo Alto, Tenable Security Center (Nessus) or similar vulnerability scanning tool experience, Metasploit Pro or similar penetration testing tool experience

EDUCATION

  • Security Certification(minimum of one is required): CISSP, CRISC, GIAC, CISA, or equivalent
  • Technical Certifications (preferred): CCIE, ITIL, CCNA, CCNP, MCSE, ITIL, CEH   Microsoft Certified IT Professional: Enterprise
  • Administrator certification or similar Microsoft certification preferred
  • BS in Computer Science, Engineering or related field (or equivalent work experience)

Wunderman is Creatively Driven. Data Inspired. A leading global digital agency, Wunderman combines creativity and data into work that inspires consumers to take action and delivers results for brands. Wunderman has been widely recognized for its work. Forrester Research named us a leader in marketing database operations and a strong performer in customer engagement strategy*. Headquartered in New York, we have 9,200 creatives, data scientists, strategists and technologists in 200 offices in 70 markets. Wunderman is a ‘team first’ culture committed to creating an environment where people come to do the best work of their careers.  * The Forrester Wave™, Customer Insights Services Providers, Q4 2015

 

Wunderman is an equal opportunity and affirmative action employer. (Minority/Female/Veteran/Individuals with Disabilities/Sexual Orientation/Gender Identity.)

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed

Stay updated with Wunderman!

Coming Soon!!