Randstad Digital Americas ยท 22 hours ago
Sr. Infosec Engineer
United States
Contract
Remote
Senior Level, Lead/Staff
$70/hr - $75/hr
10+ years expRandstad Digital Americas is seeking a Sr. Infosec Engineer for a large financial services company. The role involves working with IT partners to embed security controls and improve IT products, while also developing security architecture and strategy.
Information Technology & Services
Responsibilities
Working with IT partners to understand current and new solutions, how security controls are embedded, and discussing needed improvements to the IT products
Working with team members on process improvements to ensure consistent delivery of security consulting
Learn our internal systems and standards
Begin shadowing existing team members to understand how processes are executing today
Transitioning to taking the lead on security consulting among IT teams
Assists the Sr. and Principal Architects with the creation of security designs and frameworks for technology systems
Monitors security intelligence sources for emerging industry security technologies, technology issues, regulatory issues and practices
Provides oversight of new development efforts to ensure adherence to security policies, standards, and reference architectures
Actively participates in decisioning processes related to adoption of new hardware and software technologies
Provides advisory services as needed to information security teams
Utilizes planning and organization tools to develop project/action plans
Meets deliverable deadlines as directed
Assists the Principal and Sr. Information Security Architects with the development of the annual Information Security Strategy
This includes strategy development, formalized road map documentation, and continued maintenance
Possess intermediate knowledge of company Cyber Security Tools and affiliated operational processes
Utilizes knowledge when advising to determine residual risk of identified threats or control weaknesses
Champions the use Cyber Security Tooling through education and awareness of constituents
Foundational knowledge of regulatory bodies and corresponding compliance requirements including, but not limited to: PCI-DSS, SOX, GLBA, CCPA, GDPR
Intermediate knowledge of control frameworks including, but not limited to: FFIEC Examination Handbooks, NIST 800-53, ISO 27001
Advanced knowledge of Cyber Security Maturity Frameworks such as NIST-CSF and FFIEC Cyber Assessment Tool
Intermediate knowledge of IT tools and practices including, but not limited to: Networking, LDAP Directories, Vulnerability/Patch Management, Change Management, Incident Management, Server and Desktop Management, Mainframe Technologies, Encryption and Key Management, Cloud Architecture and Computing, Software Application General Computing Controls, Business Continuity/Disaster Recovery, Software Development Lifecycle, Access Management, and Cyber Security Tooling
Ability to diffuse problematic situations and manage through conflict resolution
Utilizes soft skills such as: Selective Agreement, Reflective Listening, Voice Inflection, and Empathy
Ability to take complex concepts and break down into laymen's terms or analogies that help with other's understanding
Viewed as an enabling partner that provides options or information when saying no to business or IT requests
Seen by leadership and peers as creditable, trustworthy and respectful
Utilizes subject matter expertise to guide and coach less experienced team members
Qualification
Required
CISSP, CRISC, AI certifications
10+ years of experience
High School Diploma or equivalent experience in related field
A minimum of 5-8 years of prior experience in a similar or related role
At least 3+ years exposure with Amazon Web Services (AWS), Microsoft Azure
Experience with architecting multi-cloud and/or hybrid-cloud environments
Experience working across multiple large scale cloud providers, including AWS, Azure
Experience in creating a strategic cyber security technology direction
Experience in analyzing cyber security risks and architecting security solutions
Proven knowledge of cloud services and distributed system architecture
Create secure patterns to simplify secure application migrations to cloud environments
Preferred
Bachelor's degree in Engineering, Computer Science, Information Security, or a related field
Familiarity or working knowledge with any scripting languages like JavaScript, Python, PowerShell
Prior working experience in SRE, DevSecOps, or DevOps
Knowledge of standard continuous integration and continuous deployment (CI/CD) patterns and security configuration management
Proven skills in writing and creating standards documentation for architectures, solutions, and tools
An Understanding Of How Application-layer Vulnerabilities Affect Cloud Infrastructure
Hands-on experience with some of the following technology: Cloud-native security tools (Azure Security Center, AWS Guard Duty)
Security-related certifications such as Certified Information Systems Security Professional (CISSP), AWS Certified Solutions Architect, Azure security certification, or equivalent experience
Previous Experience with Cloud Security Posture Management Tools
Experience working with VM, containers, and their Orchestration technology (Docker and Kubernetes)
Benefits
Medical
Prescription
Dental
Vision
AD&D
Life insurance offerings
Short-term disability
401K plan
Company
Randstad Digital Americas
Randstad Digital is a trusted digital enablement partner that facilitates accelerated transformation for businesses by providing global talent, capacity, and solutions across specialized domains.
10001+ employees
Funding
Current Stage
Late StageLeadership Team
Graig Paglieri
CEO, Randstad Digital Americas
Pascal de Hesselle
SVP, Executive Client Partner - Technology, Media & Telecom
Company data provided by crunchbase