Information Security Engineer

Job Title: Sr. Engineer, Enterprise Information Security

Location: Bellevue WA

Duration: 9 Months (with high possibility of extending into full time)

Job Description:

SR. SECURITY ENGINEER SKILLS & RESPONSIBILITIES

• Act as a trusted technical advisor with key security stakeholders at all levels of the organization for a variety of information security projects that arise from current business and technological developments

• Hands-on experience supporting network, operating system, database, application & data layers across multiple platforms and technologies

• Ability to assess risks and provide innovative countermeasures and solutions that appropriately balance security and business requirements

• Ability to step into an uncontrolled space and bring security structure

• Provide guidance to security analysts, PMs, business partners and IT leadership when new projects are introduced to the business or new risks are identified

SECURITY DESIGN ASSESSOR

• Ability to consult internally with Sr. Engineers (Application, Network, DevOps) to apply security principles and best practices that meet business objectives

• Experience controlling the threat surface area, identifying attack vectors, vulnerabilities and establishing appropriate controls. Can build a threat model

• Evaluation & assessment of compliance to a regulation, law or policy using industry standard methodologies (ISO27001, COBIT, NIST, etc.) in an enterprise environment

Required Qualifications:

INTERNAL TOOLS

• Evaluate, recommend, and implement commercial hardware and software security products to augment and enhance the Company enterprise security program

• Hands-on experience installing, configuring, and supporting security related hardware and software such as Certificate Management, Remote Connection, Network Protection, Data Loss Prevention, File Integrity Monitoring, Security Auditing & Logging, and Vulnerability Management

• Ability to learn a new technology and drive it from ideation through deployment and integration to fully automated and operationalized

• Ability to automate basic integration, data collection, scripting and reporting tasks via secure coding standards

TEAMMATE

• Ability to work on multiple tasks simultaneously, set priorities, communicate delivery expectations, and meet deadlines

• Innovative, collaborative and able to solve problems independently

• Able to work within the team to build measurable, repeatable processes

• Strong verbal and written communication skills

QUALIFICATIONS

• 5+ years of IT infrastructure proficiency and experience that could include one or more of: Encryption, Tokenization, Forensics/eDiscovery, Penetration Testing, Firewalls (OS, WAF), Proxies, Gateways, Routers, VPN, Application Security SAST/DAST, etc.

• 5+ years information security experience preferred

• Proven ability to assess and influence capital project design and delivery decisions

• Proven ability to assess, recommend, deploy and integrate Information Security tools

• Foundational understanding of several enterprise environment technologies

• Working knowledge and experience in multiple ISC2 security domains

• Familiarity with current legal and regulatory requirements around information security and privacy, including PCI, SOX, HIPAA, GLBA, etc

• Ethical Penetration Testing experience preferred

• Available for work in Bellevue, WA (Factoria)

• CISSP Preferred.

• 5+ years information security experience preferred,  5+ years of IT infrastructure proficiency and experience that could include one or more of: Encryption, Tokenization, Forensics/eDiscovery, Penetration Testing, Firewalls (OS, WAF), Proxies, Gateways, Routers, VPN, Application Security SAST/DAST, etc.,  CISSP Preferred.

All your information will be kept confidential according to EEO guidelines.