Principal Engineer Security Services

Detalles de la oferta

**Principal Engineer Security Services**

The Principal Engineer Security Services will play a crucial role in ensuring the ongoing security and protection of our company's information assets. They will be responsible for designing, developing, and overseeing the implementation of cybersecurity solutions to safeguard our systems, networks, and data. The Principal Engineer Security Services manages day-to-day security operations, participates in compliance and audit activities, and will establish and maintain effective security measures. This position requires a strong technical background, exceptional problem-solving skills, and a thorough understanding of security best practices.

Responsibilities:
Cybersecurity Strategy and Architecture:

- Architect, design, recommend, implement, and maintain security controls, countermeasures, and procedures in acquisition, development, business processes, and change management lifecycle of information systems; provide oversight to ensure compliance
- Develop and document security policies and processes based on common information security management frameworks (ISO 27001, SOC2)
- Lead the development of the organization's cybersecurity strategy and provide expertise in creating a secure architecture for IT systems and networks
- Collaborate with cross-functional teams to ensure cybersecurity measures align with business goals and regulatory requirements

Security Operations and Incident Response:

- Oversee security operations, including threat monitoring, detection, and incident response
- Develop and maintain an incident response plan, including procedures for handling security incidents, communication protocols, and post-incident analysis
- Monitor information systems for security incidents and vulnerabilities
- Administer and mature Data Loss Prevention and Information Protection policies and solutions
- Oversee the response to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches
- Lead and coordinate incident response efforts to contain, investigate, and mitigate cybersecurity incidents effectively

Vulnerability Management:

- Develop and manage vulnerability assessment and penetration testing programs to identify and remediate security vulnerabilities in a timely manner
- Track and report on the status of vulnerability remediation efforts
- Consult with internal development teams to anticipate threats, advise on defensive coding strategies and remediate vulnerabilities in software
- Proactively anticipate and assess potential items of risk and opportunities of vulnerabilities in the network and systems
- Manage security information and event management (SIEM) systems, analyze logs, and detect potential security breaches

Security Compliance and Auditing:

- Mature and maintain Information Security Management System (ISMS) and further develop security policies, standards and procedures in support of ISO 27001 certification
- Participate in internal and external security audits and risk assessments/reviews, including third-party software, service providers, customers, partner, and vendor audits
- Conduct regular internal security reviews and risk assessments, identify gaps, and recommend appropriate corrective actions

Security Awareness and Training:

- Promote a culture of security awareness across the organization through the development and implementation of regular training programs, awareness campaigns, and communication initiatives
- Provide technical information to systems engineering programs, team members and managers to ensure awareness and compliance with industry standard security best practices
- Provide guidance and training to employees on security best practices, policies, and procedures

Emerging Technologies and Threat Intelligence:

- Monitor industry trends, technologies, threat intelligence, and vulnerability disclosures to stay informed about new vulnerabilities and emerging threats; educate stakeholders and provide recommendations on integration into the organization's security strategy

Security Documentation and Reporting:

- Prepare and maintain accurate and up-to-date security documentation, including policies, procedures, standards, controls, and guidelines
- Prepare regular reports for management on the state of cybersecurity, including risk assessments and key performance indicators (KPIs)
- Develop and deliver clear, concise, and actionable vulnerability reports and recommendations to various stakeholders, including executive leadership, IT, and development teams

Requirements:

- Bachelor's degree in Computer Science, Information Security, or a related field
- 5+ years of experience in IT with a focus on IT security
- Proven experience in information security engineering/administration roles, with a focus on security operations and incident response
- Deep knowledge and experience with cloud security principles
-


Salario Nominal: A convenir

Fuente: Whatjobs_Ppc

Requisitos

Senior Software Engineer (Imaging)

Full-time Employee Status: Regular Role Type: Hybrid Department: Product Development Schedule: Full Time Shift: Day Shift **Company Description**: **Ab...


Experian - Heredia

Publicado a month ago

Senior Software Engineer (Imaging)

**Company Description** About us, but we'll be brief** Experian is the world's leading global information services company, unlocking the power of data to c...


Experian - Heredia

Publicado a month ago

Erp Systems Analyst I

Job Scope and responsabilities: - Application Support - Incident Management - Requirements gathering, documentation, and development of Test Scenario's - Doc...


Te Connectivity - Heredia

Publicado a month ago

Mail Room & Workplace Coordinator

JLL supports the Whole You, personally and professionally. The Mail Room/Workplace Coordinator ensures efficient and organized mail operations and supports ...


Jll - Heredia

Publicado a month ago

Built at: 2024-11-14T14:07:11.731Z