Cyber Security Compliance Specialist

Other jobs >> General

Negotiable

Permanent

Description

The Cyber Security and Compliance Specialist is an integral member of Sage

Intacct s security team which has overall information security responsibili

for the enterprise. This position can be described as a very broad-based

position and will provide the candidate exposure to many facets of Information

Security across product, operations, engineering, IT and compliance. This

position requires hands-on experience in security engineering, architecture,

administration of security technologies and experience with data analysis and

risk management. This position will require collaboration with Engineering, QA,

Operations, Product Management, Support and other departments to ensure

compliance with policies and other activities which impact the confidentiality,

integrity and availability of our application, infrastructure and business

processes.

Responsibilities:

* Product Selection, deployment, administration and operation of security

solutions such as vulnerability scanning and pen testing tools, log

aggregation & analysis tools, data loss prevention / CASB systems,

intrusion prevention devices and other tools as necessary

* Maintain up-to-date detailed knowledge of the information security

industry, including awareness of new or revised security solutions,

improved security processes and the identification of current and new

attacks and threat vectors especially as it relates to Sage Intacct and

its customers.

* Provide recommendations and limited administration of security products

and services to include firewalls, encryption technologies, patching,

certificate management, anti-virus, email security controls, intrusion

detection/prevention, identity and access management and security

scanning and assessment tools for both traditional on-prem and AWS

environments.

* Conduct security audits and assessments, analyze results, identify

remediation activities and/or compensating controls and track remediation

efforts to completion.

* Conduct security architecture reviews, provide recommendations and track

remediation efforts

* Develop metrics to measure and track compliance, risk and the

effectiveness of the information security program

* Respond to customer or other third-party inquiries

* Assist in evidence generation, collection and other activities in support

of the following compliance requirements: SSAE 18, SOC 2, PCI, HIPAA,

CCPA, GDPR, Privacy Shield, ISO 27001

* Participate as a member of the Incident Response Team by conducting

forensic analysis and troubleshooting to assist in the containment and

remediation of security incidents

* Identify security issues and provide the appropriate resolution or make

recommendations to Sr. Management on how to resolve or identify

compensating controls related to security findings

* Perform security event monitoring and analysis, network traffic analysis,

log analysis and prioritize/differentiate between potential intrusion

attempts and false alarms

* Participate in periodic information systems risk assessments.

Requirements:

* Bachelor s degree in an information technology discipline or equivale

IT experience required

* Relevant IT or security certifications including CISSP, CISM, CRISC, CEH

or SANS certs are expected

* Extensive experience (5+ years) in information security operations and/or

related IT operational functions

* Requires demonstrable background in: security products and technologies;

security engineering/architecture, networking protocols, security

analysis and investigations

* Understanding of malware kill chain and pervasive threat attack methods

and remediation

* Demonstrable ability to analyze network packets and log data utilizing

tools such as Snort, Wireshark

* Experience administrating and auditing AWS Security Services, such as

Guard Duty, AWS Config, CloudTrail, CloudWatch

* Experience with data analysis tools to include SumoLogic and

ElasticSearch. Build relevant dashboards and alerting rules

* Experience administering and auditing Cisco ASA and Palo Alto Firewall

configuration and rules

* Programming experience in scripting languages such as Windows PowerShell,

Python, Perl, Bash, etc., highly desirable

* Ability to multitask, prioritize, coordinate, work well under pressure

and meet deadlines

* Excellent written and verbal communication skills, interpersonal and

collaborative skills, and the ability to communicate security and risk-

related concepts to both technical and non-technical audiences

* Must be a critical thinker with strong problem-solving skills and a "can-

do attitude

* Must have experience with MS Office products with a strong working

knowledge of Excel Pivot Tables and Charts.

* Must stay up to date with current vulnerabilities, attacks, and

countermeasures

* Must be able to and willing to work independently with minimal amount of

supervision

Show moreShow less
  • 1
  • Negotiable
  • None
  • None
  • Re-145008
  • Permanent
  • 13

How to Apply: Please click here to create a free Pure-jobs.com account and post your resume. Only logged in job seekers can apply for a job.

Find us at:

Never provide bank account, credit card details or any other financial information, or make any form of payment, when applying for a job. If you are ever asked to do this by a recruiter on Pure Jobs please click the Report button or contact us with the advertiser's company name and the title of the job vacancy. You should not send any money to anyone. A genuine employer with a job offer would never ask you to do this.

Report this job
x

Report a job

If you're concerned about a job advert, let us know and our quality team will investigate.

Your name(*)
Invalid Input

Your email address(*)
Invalid Input

Please select you reason(*)

Additional information(*)
Invalid Input

Invalid Input



Subscribe to updates from our blog

PLEASE NOTE! WE USE COOKIES AND SIMILAR TECHNOLOGIES FOR THE BEST USER EXPERIENCES

However, by continuing to use the site without changing settings, you are agreeing to our use of cookies.