•File Integrity Monitoring (FIM) – Manage the day-to-day administration of the TripWire File Integrity Monitoring (FIM) system across the enterprise.
•Information Security – As a member of the Information Security team, this position will assist in the management of SEA’s global information security program; execute information security assessments within the organization and on third party vendors and service providers; ensure information security policies and controls are compliant with Payment Card Industry Data Security Standards (PCI-DSS); lead assessments to validate PCI-DSS compliance, working closely with our Qualified Security Assessor (QSA); manage risk assessments over proposed new technologies or infrastructure architecture changes; develop and provide security awareness training; respond to security incidents and generate incident reports; assist with the administration of key security program functions, such as firewall management, intrusion prevention, security assessments, Internet content filtering, and incident response.
•Desktop Engineering/Security – Provide technical oversight of vendor who manages endpoint security and patching, validating that appropriate security protection is being implemented; Manage Active Directory group policies related to desktop security; assist with desktop issues that cannot be resolved by tier 2 support.
•Must have strong understanding of general information security concepts & defense in depth
•Must have experience with several aspects of telecommunications and network security, including firewalls, IPS/IDS, penetration testing, vulnerability scanning, software code scanning, two-factor authentication, and cryptography
•Must have experience with access control systems and physical security
•Must have experience with application and systems development security would be a plus
•Must be familiar with current security practices in various version of software and operating systems, including Windows, Active Directory, SQL Server, IIS, .NET, and Cisco network equipment
•Must have a background in vulnerability assessments, risk analysis, and mitigation
•Must have excellent problem solving skills
•Driven to achieve goals and meet deadlines
•Strong interpersonal, written, and verbal communication skills; must be able to explain technical issues in business terms
•CISSP (Certified Information Systems Security Professional) or other industry certification would be plus
•Preference for working in a team-oriented, collaborative environment
•Prior desktop engineering experience (Windows 7) would be a plus; Mac/IOS knowledge would be a plus
Education and Special Skills
•BS in MIS, Computer Science, or equivalent experience
•CISSP (Certified Information Systems Security Professional) certification preferred
•Minimum 5 years of experience in an enterprise network environment
•Knowledge of current protocols and standards is required
•Expertise with Cisco firewalls and switches is required
•Knowledge of PCI DSS is preferred