IT Security Engineer
Are you ready for a career where fun means business? Join us at Oriental Trading Company, a Berkshire Hathaway Company!
As our IT Security Engineer, you will be responsible for assisting in the development of information security policies and procedures on an organizational level. This position is also responsible for the execution and maintenance of security solutions, associate education, training and awareness activities, monitoring compliance with enterprise IT security policy and applicable law, and coordinating investigation and reporting of security incidents. Collaborating with other internal stakeholders, the incumbent will monitor, assess and fine-tune SIEM reporting, perform network penetration tests, application vulnerability assessment scans and risk assessment reviews in accordance to security best practice and PCI compliance.
In this role you will...
1. Develop customized solutions within various tools and utilities that ensure organizational systems are secure and protected.
2. Collaborate with internal and external stakeholders to ensure applications are properly vetted for security risks before going live.
3. Assess potential systems and processes vulnerabilities to determine security infrastructure requirements.
4. Research emerging threats and evaluate the possibility of threat to the organization and develop action plans to proactively prevent breach in security protocols.
5. Provide technical security expertise, recommendations and translations of Federal/State regulatory requirements with industry best practices to ensure compliance.
6. Develops and publishes Information Security policies, procedures, standards and guidelines based on knowledge of best practices and compliance requirements.
7. Asssits in response to information security incidents and fraudulent activity.
8. Manages system security requirements, policies and procedures using the National Institute of Standards and Technology (NIST) and other industry frameworks.
9. Install, configure, test and maintain security systems, application software and management tools.
10. Participate in the design and configuration of an enterprise SIEM.
11. Manages security compliancy to exceed latest PCI DSS version.
12. Monitors and tests security architectures, identify possible solutions and work with inter-departmental personnel for remediation of security gaps.
13. Recognizes potential, successful and unsuccessful intrusion attempts and compromises through reviews and analyses of relevant event detail and summary information.
14. Evaluate existing policies, procedures, practices, and systems for potential security risks and provide recommendations for addressing the security concerns, modifying or changing policy as needed.
15. Manages risk assessments and execution of tests of data processing environments to ensure compliance with policies, procedures and controls.
16. Conducts platform or operating system vulnerability scans which assess exposure of system to attacks or hacking. Responds to questions regarding viral activity, concerns about spam/phishing etc. Produces quarterly passing attestation reports for PCI compliance.
17. Facilitates teamwork and shows commitment to organizational objectives.
18. Maintains regular and predictable attendance and abides by all policies and procedures of Oriental Trading Company.
19. Must be able to attend face to face meetings on short or little advance notice.
1. Maintains an organized repository of team documents on intranet and internal fileshares.
2. Strives to learn additional job functions of peer level positions with whom the employee interacts.
3. Performs other related duties and projects as assigned.
Here is what you need to join the FUN...
Knowledge, Skills and Abilities
• BA or BS, Computer Science, Management Information Systems, or preferred field
• Industry Certifications (GIAC, CISSP, or other Security/Technical Certifications)
• Minimum 5 years of progressive experience in computing and information security, including experience with Internet technology and cyber security issues.
• Experience should include security policy development, security education, network penetration testing, application vulnerability assessments, risk analysis and compliance testing.
• Knowledge of information security standards, rules and regulations related to information security, Payment Card industry standards and desktop, server, midrange, application, database, network security principles for risk identification and analysis.
• Experience with cyber security best practices; including creating and updating security policies, procedures and compliance auditing.
Other Desirable Requirements
Working knowledge of Rapid7, QRadar, Multifactor Authentication, Web Application Firewalls, Palo Alto firewalls and DLP applications a plus.
• Strong analytical and problem solving skills.
• Requires some weekend and evening assignments as well as availability during off-hours for participation in scheduled and unscheduled activities.
• Proven leadership skills including: effective oral and written communication, performance management, issue resolution, negotiation, motivating others, forecasting and planning.
To apply in less than ten minutes click the “Apply” button or view a complete list of our current openings at http://www.myotccareer.com
To apply in less than ten minutes, log in to Ultipro.
• Click on the “Myself” tab
• Click on the “My Company” tab
• Click on “View Opportunities” from this section
ATTENTION: If you are creating a new profile, you must Save the profile information and then login with your new user when prompted to complete the application process.
All work and no play just isn’t our style. Join us today!
Oriental Trading Company, a Berkshire Hathaway Company (http://www.orientaltrading.com) is the nation’s leading direct marketer of value-priced novelties, toys and party supplies and welcomes talented, motivated people who want to build a meaningful career and Make The World More Fun!
Oriental Trading Company is the nation's largest direct retailer of value-priced party supplies, arts and crafts, school supplies, toys and novelties. Recognized as one of the Top 20 Internet Retailers based on customer satisfaction, Oriental Trading offers over 40,000 products to consumers, educators, businesses and non-profit organizations. Oriental Trading employs approximately 1,600 employees and makes the world more fun with items ranging from pink flamingos and wedding favors to holiday decorations, educational games and crafts. In 2013, Oriental Trading acquired MindWare, an award-winning creator and manufacturer of educational toys and in 2014, acquired SmileMakers, the leader in patient giveaways and practice promotion products. Oriental Trading is a Berkshire Hathaway company.