Information Security Engineer, III

🕒 il y a 2 mois

🇺🇸 États-Unis – Télétravail

💵 $91 438 - $118 750 / an

⏰ Temps Plein

🟡 Intermédiaire

🟠 Senior

👮‍♂️ Cybersécurité / Ingénieur Sécurité

🦅 Parrain de Visa H1B

Cette entreprise a parrainé des visas H1B par le passé.

Postuler Maintenant

Trouver des Emplois à Distance Similaires

Recevoir des emails pour des emplois à distance

📊 Vérifiez votre score de CV pour ce poste

Améliorez vos chances d'obtenir un entretien en vérifiant votre score de CV avant de postuler.

Télécharger le CV

Conduent

Site WebLinkedInTous les Emplois

10 000+ employés

Fondée en 2017

🤝 B2B

🛍️ eCommerce

🏛️ Gouvernement

💰 Venture Round en 2009-01

B2B • eCommerce • Government

Conduent est un fournisseur de solutions technologiques qui rationalise les opérations commerciales tant pour le secteur public que pour les entreprises privées. Spécialisé dans l'amélioration des expériences client grâce à l'automatisation et à l'analyse, l'optimisation des opérations financières et l'offre de solutions RH complètes. Axé sur l'amélioration des efficacités opérationnelles, Conduent offre une variété de services, y compris des solutions de contact client, des solutions de gestion pour le secteur de la santé, et des solutions pour les agences de transport, répondant efficacement aux besoins de bout en bout de leurs clients.

Description

• The Information Security Engineer III serves as a member of the NIST CISO Audit & Assurance team and will assist in the performance of internal audits, ensuring they comply with applicable Conduent and ISO security standards, regulations, and policies. • The internal auditor will be professional, independent, impartial, and fair in all interactions. • The NIST security resource is accountable for procedures and processes that ensure the integrity, confidentiality, and availability of assigned Business units’ information, applications, and infrastructure. • The resource will perform routine risk assessments, security audits, and vulnerability scans to identify, evaluate, document, and remediate organization risk, control gaps and vulnerabilities. • This position will be responsible for developing security reports, security recommendations, and security policies and procedures that are meaningful, defensible, and actionable for a variety of audiences as pertained to assigned business units. • Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as, and not limited to: IPS/IDS alerts; change detection (FIM) alerts; application firewall alerts; malware alerts; rogue wireless network alerts; security system health alerts; exploit attempt alerts. • Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to: audits of system security to ensure compliance with Corporate security framework; NIST 800-53, ISO 27001/2, PCI-DSS; emerging country, state, and Federal privacy laws. • Primary POC in a vulnerability management program of the account that includes: external and internal vulnerability scans of applications and systems; external and internal penetration tests of applications and systems; documentation and remediation of identified vulnerabilities and exploits; routinely monitoring various communication avenues for security vulnerabilities and security patches; taking a risk-based approach comparing those security vulnerabilities and security patches across the operating environments; making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities. • Coordinate with business units, operations, and technology teams for incident response, remediation, and improvement. • Acts as the initial point of contact to facilitate the handling of security audits and client requests. • Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies. • Maintain documentation that supports the annual Security compliance attestation as it is relevant to the assigned Business units.

🎯 Exigences

• CIPP, CRISC, CISA, CISSP, CISM, ISO or any security/IT audit certification is a plus. • Minimum of Five (4 to 5) Years of experience in IT Security, or Security Auditing is required. • Knowledge and understanding of security controls across all security domains, such as access management, encryption, vulnerability management, authentication, authorization, network security, physical security, etc. • Ability to identify security risks in application, system, and network architecture, data flow, and processes or procedures. • Ability to assess the organizational impact of identified security risks and recommend solutions or mitigating controls. • Knowledge of security technologies, devices, and countermeasures, as well as the threats they are designed to counter. • Experience with developing security reports, recommendations, policies, and procedures that are meaningful, defensible, and actionable for a variety of audiences. • Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks). • Experience in PowerPoint, Word, Excel; experience with Visio and MS Project. • Communication skills (interpersonal, verbal, presentation written, email). Experience to write report segments and to participate in presentations. • Familiarity with security, workflow, and collaboration tools such Nessus Tenable, Splunk, SharePoint and ServiceNow (Snow) is a plus. • Positive attitude, team player, self-starter; takes initiative, ability to work independently and effectively with all levels of staff and management both internally and externally.

🏖️ Avantages

• Health and Welfare Benefits: Our health and welfare benefits can be tailored to fit you and your family's needs and start on the first day of employment. • Retirement Savings: We will support you as you save for your future. • Career Growth Opportunities: We help you thrive, so together, we can grow. We provide opportunities to advance your career with a vast portfolio of businesses and a global footprint. • Paid time off: We provide attractive paid time off packages designed for you to enjoy your life away from work. • Great Work Environment: We are proud of our award-winning culture and the recognition we’ve received for our diversity efforts.