BlueSnap is seeking a senior IT Security Engineer to actively contribute and participate in the delivery, development and maintenance of a comprehensive information security program within BlueSnap.
This position is based in Waltham, MA.
- Maintain and manage current security solutions within BlueSnap: WAF, IPS, DDOS mitigation, SSL Proxy, 2FA solution, endpoint security, OSEC agents, Security patching, etc.
- Actively participate in the development and maintenance of BlueSnap information security policies, standards and procedures
- Work with key IT personnel to oversee the dissemination and enforcement of these policies, standards and procedures within BlueSnap
- Assist in the development of an education and training program on information security and privacy matters for developers and IT personnel
- Function as an internal consulting resource on information security issues
- Maintain and enhance the Incident Reporting and Response System to address BlueSnap’s security incidents (breaches), respond to alleged policy violations, or complaints from external and internal parties
- Recommend IT solutions (hardware and software) and applications for vulnerability detection and remediation to keep BlueSnap’s environment secure.
- Oversee vulnerability testing and coordinate activities related to PCI compliance and other security certifications
- Keep abreast of latest security and privacy technologies, IT solutions, regulations, advisories, alerts and vulnerabilities
- Consult with security experts and consultants and provide recommendation on the latest technologies that should be leveraged/deployed to keep BlueSnap’s environment safe and secure
Skills & Qualifications
- 5+ years’ experience in IT systems
- 3+ years of experience in information security involved in the deployment and upkeep of various security solutions: endpoint, server, network, etc.
- Strong technical skill set and awareness of software development processes, architecture and IT infrastructure
- Direct experience in implementing security appliances and solutions in an IT environment
- Working knowledge of and experience in the policy and regulatory environment of information security, especially in PCI compliance and the financial sector
- Beneficial Skills
- IT background is strongly preferred
- Security certification is a great advantage: CISSP, CISM, GSEC, CEH, etc.
- Experience in developing and administering an information security program
- Experience in PCI compliance
- Bachelor’s degree in an engineering field required. Advanced degree preferred
To apply please email your resume to firstname.lastname@example.org