Cyber-Security Application Engineer
Location: St Louis, Mo
Status: Corp 2 Corp -Contract to Hire possible
Salary: Market Sr
Close Date: 6 months +to Hire
Requirement ID 001146
Title Cyber Security Application Engineer
Posted Date 12/18/2017
Rate Range up to $100/hr
Duration 6 month
# of Positions 1
Right To Hire 6 Months
Job Description Summary:
Through our people-centered practices, strong community partnerships and wellness initiatives, we offer employees the opportunities to improve their careers, their community and their health.
People-Centered Practices Maritz’ focus on the science and art of people and potential extends to our own employees. With personalized programs and an inclusive culture, employees have the chance to improve their professional skills, recognize one another for special achievements, and enjoy an excellent work-life balance.
Maritz IT Services has an opening for a Cyber Security Application Engineer. This role will support the Information Security initiatives within IT Services driven by our Enterprise Cyber Security Architect. The full job description and qualifications are below. Candidates need to work in St. Louis, MO with the ability to work onsite 4-5 days per week.
The Cyber Security Application Engineer provides security oversight to the Maritz computing environment across several business lines. This engineer is responsible for consulting with various technical teams and business units providing guidance and effective security solutions to enable the business while maintaining compliance and best practices. The position will work closely with the Cyber Security Center, System and business owners to ensure appropriate security controls are in place, and security policies are being effectively employed to minimize threats and risk to the overall environment. The individual must have a passion for security and will participate in round table discussions.
Responsibilities and Duties:
•Proactively work security issues and incidents to identify root cause and recommend fix.
•Consult with developers to provide code review and alternate solutions where appropriate to maintain best practices while reducing the attack surface and minimizing risk.
•Validate IT security solutions collaboratively with infrastructure and application development project teams ensuring that corporate security policy, standards and industry best practices are met.
•Raise awareness and assist in the communication of security policies and regulatory requirements, providing recommendations to maintain compliance.
•Assist with security mitigation and remediation efforts as needed.
•Deploy and configure technology, collaborating with IT Infrastructure teams and vendor product professional service partners.
•Drive the selection, POC, implementation and operational deployment of new security technology solutions to ensure the confidentiality, integrity, and availability of Maritz assets.
•Act as system owner for security technologies and, working with the IT infrastructure team, ensure they remain properly maintained.
•Provide security consulting services, as needed, to various projects and business units.
•Build effective relationships with stakeholders who own and support applications, IT infrastructure, and operations. Gain commitment from stakeholders and project teams to implement recommended security controls.
•Assists information security compliance activities in support of audit and assessment activities, including customer, PCI, and internal audit reviews.
•Can be counted on to meet or exceed goals; pushes self and others for results; is a conscientious worker who can be relied upon to handle unforeseen obstacles.
•Deals with problems as they arise, focusing energy and resources on those situations until resolved; identifies new opportunities and takes action; takes on new responsibilities when needed.
•Participate with table top exercises.
5+ years of overall IT professional experience, with 3+ years of information security.
Experience with code review process
Understanding of controls (e.g. access control, auditing, authentication, encryption, integrity, physical security, and application security) and OWASP Top 10
Excellent written and oral communication skills.
Working knowledge of the Cybersecurity Framework, ISO27001 and compliance requirements such as PCI, SOX, and HIPAA.
Hands-on troubleshooting, analysis, and technical expertise to resolve security events; previous experience in troubleshooting day-to-day operational processes such as security monitoring, data correlation, researching events, etc.
Prefer BS in Engineering, Computer Science, Information Security, or Information Systems or equivalent work experience.
Security certifications (CISSP, CISM, CEH, or similar certification desirable).
Job Code: 1146 -12/18/17
Jim Jennings 636-484-6869