Jobs · Information Technology · Texas

Information Security Engineer

Yondr Group · Dallas, TX · 2 wk ago
Information TechnologyFull-time

Main Responsibilities

  • Drive the evolution of the company’s Information Security standards to maintain best practice and alignment with corporate policies and regulatory requirements
  • Be hands on in managing and maturing our security technology and processes
  • Investigate and respond to information and cybersecurity incidents
  • Provide consultation and/or education as needed and drive the adoption of security as a value add/best practice
  • Work in partnership with stakeholders, to ensure all projects, changes, IT standards and procedures are compliant with Information Security Standards and Policies
  • Manage (third party) penetration testing and facilitate any subsequent remediation activities
  • Act as a subject matter expert on matters of Information security relating to Yondr
  • Conduct 3rd party risk assessments to ensure suppliers are aligned with our security standards and fall within our risk tolerances
  • Manage phishing platform, training and related reporting
  • Provide guidance and subject matter expertise on processes, controls, and objectives around audit and information security activities, best practices, and process improvements
  • Conduct vulnerability assessments, risk analyses, and remediation tracking to drive the attack surface management program
  • Conduct Identity and Access Management entitlement reviews of key platforms and applications
  • Engage in audits, compliance assessments, and regulatory security requirements
  • Maintain documentation related to security processes, incidents, and compliance requirements

Qualifications and experience

  • Experience with regulatory and compliance standards; ISO27001, SOC2, PCI DSS
  • 5+ years experience working as an information security professional within a medium to large sized global organisation
  • Proven experience implementing, maintaining and leading an effective information security control assurance programme
  • Strong stakeholder management and communication skills, including technical members of staff and senior non-technical business leaders
  • Applied working knowledge of networking principles and the OSI model to evaluate control effectiveness and support investigation of network-based security incidents
  • Background in working with international organizations that provide 24x7x365 operations
  • Must understand OT, Network and Zero-trust architecture
  • Understanding of email security tools, vulnerability management, penetration testing and remediation
  • Strong analytical, troubleshooting, and problem-solving skills
  • Information Security, alongside significant knowledge and experience of Cyber security
  • Working knowledge of Microsoft Sentinel, Qualys, Microsoft Defender, Knowbe4 are essential
  • Exposure to Microsoft Purview, MDR services, UBA and IT/OT network environment are desirable
  • Excellent verbal and written communication skills
  • Ability to manage multiple priorities and work independently or within a team environment
  • Relevant certifications preferred, such as:
    • CISSP
    • Security+
    • CISA
    • CEH
    • GSEC
    • Microsoft Certifications

Similar jobs

Information Security Engineer

Jefferson County, ColoradoGolden, CO· 6 days ago
Information Technology$118k–$122k/yrapply on jefferson.wd5.myworkdayjobs.com

Information Security Engineer

Allspring Global InvestmentsMilwaukee, WI· 3 wk ago
Information Technology$70k–$95k/yrapply on careers-allspringglobal.icims.com