Receive alerts when this company posts new jobs.
Principal Security Engineer (ID Analytics)
ID Analytics, a Symantec company, is a leader in credit and fraud risk solutions with patented analytics, proven expertise and up-to-the-minute insight into consumer behavior. Founded in 2002, with a vision to think differently about how institutions solve the problem of verifying consumers’ identities, we now solve a full range of identity challenges, including assessing credit risk and improving online customer experience. Our tools help our clients protect themselves and their customers from identity risk and fraud. Our solutions are all powered by analytics, but it’s our access to data unseen by other bureaus that differentiates our solutions. We are looking for an experienced Security Engineer to join our team.
The Principal Security Engineer position is part of the Information Security team at ID Analytics and will be responsible for configuring, deploying, and maintaining security technologies aimed at protecting the company’s information technology assets and data. In addition, this role will be responsible for monitoring security sensors and reviewing logs to identify potential security threats and vulnerabilities and will ensure that the output from security tools can be consumed and actioned by the appropriate teams. More specifically, the team is responsible for identifying, documenting, and assessing Information Security risks within the environment and partnering closely with the key stakeholders across the company to perform required remediation. We are looking for a very self-driven individual with excellent hands-on technical ability combined with strong teamwork and communication skills.
- Partner with stakeholders across the company to align on security technologies and initiatives.
- Review software and hardware to ensure security requirements are met, and provide recommendations on new security software and hardware investments.
- Actively lead proof-of-concepts for new security technologies by developing and maintaining standards and selection criteria to identify appropriate security solutions to support strategic operational needs and security requirements.
- Develop and enhance security orchestration, automation, and response capabilitites
- Monitors, evaluates, and maintains complex security systems according to industry best practices to safeguard internal information systems and databases.
- Assess networks, systems, and applications to identify, report on, and provide guidance in remediation gaps by recommending mitigating controls.
- Interface with all levels of business within the organization to identify, define, document, and implement risk assessment solutions to improve overall risk posture.
- Design, configure, and implement processes to alert of potential issues that impact operations not working as designed or intended.
- Develop and implement detection use cases to detect potential security risks and assist with incident response activities, as required.
- Review potential vulnerabilities to determine impact and collaborate with key stakeholders to perform required remediation activities.
- Provide technical leadership and mentoring to team members.
- BS in Computer Science or a related field. An equivalent combination of education and experience may be substituted for the degree requirement.
- At least five years of experience in information security or information technology.
- At least five years of experience in security related technologies (i.e. antivirus, IDS/IPS, firewalls, SIEM, FIM, database monitoring, etc.). Hands-on experience with multiple security tools and technologies that cover a breadth of security disciplines.
- At least five years of experience in Linux and Windows administrator and/or network administrator.
- At least two years of experience in one or more scripting languages (i.e. Perl, Ruby, python, etc.) with the ability to write complex scripts.
- Experience in securing and developing security policies for cloud-based infrastructure (i.e. Azure, AWS, etc.)
- Experience in designing and building enterprise monitoring capabilities.
- Hands-on experience in designing, implementing, and operationalizing output from various security technologies to make the information actionable for internal customers.
- Hands-on experience in integration of disparate tools. Technical proficiency in API calls to enable integration.
- Familiarity with generally accepted information security governance framework (i.e. PCI DSS, ISO 27001, etc).
- Demonstrated ability to troubleshoot issues in a complex technology environment.
- Strong problem solving skills.
- Excellent communication (both oral and written), organizational, and customer service skills. Ability to interface with all levels within the organization, vendors, customers, prospective clients, auditors, etc.
- Capable and self-motivated to quickly learn new technologies (scripting languages, technology frameworks, etc).
- Previous experience working a highly regulated industry that collects personally identifiable information (PII).
- Experience with designing, developing, and implementing applications to solve challenging security issues
- In-depth knowledge and expertise in one or more security disciplines: vulnerability management, patch management, configuration management, threat monitoring, identity and access management, data loss prevention, database monitoring, file integrity monitoring, incident response, etc.
- Previous experience in representing security on Change Advisory Board (CAB) to provide approval for technology changes required for the business.
Symantec is proud to be an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive and accessible environment for all employees. All employment decisions are based on merit, experience, and business needs, without regard to race, color, national origin, age, religion, sex, pregnancy (including childbirth or related medical conditions), genetic information, disability (physical or mental), medical condition, marital status, sexual orientation, gender identity or gender expression, military or veteran status, or any other consideration made unlawful by federal, state, or local law. Symantec strictly prohibits unlawful discrimination based on such protected characteristics and seeks to recruit the most talented candidates from diverse cultures and backgrounds.
We also consider for employment qualified individuals with arrest and conviction records. In addition, Symantec will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. Learn more about pay transparency.
Symantec Corporation (NASDAQ: SYMC), a global leader in cyber security, operates one of the world’s largest cyber intelligence networks allowing organizations, governments, and people to secure their most important data wherever it lives. Enterprises across the world rely on Symantec for integrated cyber defense against sophisticated attacks across endpoints, infrastructure, and cloud. More than 50 million people and families rely on Symantec’s Norton and LifeLock Digital Safety Platform to help protect their personal information, devices, home networks, and identities at home and across their devices.
Relentlessly protect the world’s information. Make a difference at Symantec. Across the globe, we are an ‘essential’ partner to both consumers and businesses of all sizes. We combine our talents, our brains, and our creative energy to reinforce our place as a world-class technical community.
Our most critical asset at Symantec is the talent we hire - you! We look for people who have a desire to excel and reflect our values: Innovation, Action, Customer-Driven, and Trust. We recognize that every opening in our company is a chance to increase Symantec's competitive advantage, and we are willing to invest in you in order to win.
Symantec is committed to requests for reasonable accommodations to assist you in applying for positions at Symantec including resume submissions. If you need to request an accommodation, please reach out by email to Talent Acquisition or contact HR Service Exchange.