BA or BS in Computer Science, Management Information Systems, or related field desirable
Five+ years of progressive experience in networking and information security, including experience with Internet technology and security issues
Previous working experience, preferably as a senior security engineer for 3+ with focus with at least one of the role areas
Relevant education and certifications may be considered an advantage, such as (but not limited to): CISSP, CISM, ISO 27001, GSEC, GIAC or equivalent
Description
As part of the Arcanna.AI Cyber Security team, your responsibilities will be to support both Product and Managed Services business lines with:
Security Consulting services
Subject matter expertise for Arcanna.ai related projects, both customer facing and R&D
Responsibilities
Research, evaluate, design and recommend new technologies and tools to improve Siscale security posture
Collaborate with other teams (e.g: R&D, Data Science, Application Development) in R&D projects related to our product Arcanna.ai
Participate in customer facing projects related to Arcanna.ai deployments and POCs
Continually propose solutions to improve scanning, detection, and response to security incidents capabilities
Assist with implementation of the security roadmap to implement critical security controls and execute security strategy
Identifying possible security threats and determining the best security measures.
Designing, implementing, and maintaining security protocols, policies, plans, and systems
Drive vulnerability management programs for our managed services customers, using specific technologies and tools, such as: Nessus, SCCM
Perform periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine security vulnerabilities.
Ensure the integrity and protection of networks, systems, and applications by technical enforcement of organizational security policies, through monitoring of vulnerability scanning devices.
Conduct security research in keeping abreast of latest security issues
Assist in delivering technical solutions that empower the business and meet their needs in a secure manner.
Maintain current knowledge of relevant technology as assigned.
Perform other related duties as assigned.
Technology agnostic skills
Enjoy working autonomously as well as collaboratively on different projects
Always drive issues through to completion, taking personal ownership of the objectives
Be the subject matter expert for technical issues relating to the security of our environment
Enjoy learning and embrace the ever-changing threat landscape
Accurately determine your own and the team’s relative priorities and be commercially aware
Have excellent documentation and records management skills
Be available out of hours to assist in priority 1 security incidents if they occur
Technical skills
Expertise in a broad array of systems and security technical controls and processes, such as: endpoint detection and response (EDR / XDR), vulnerability scanners, intrusion detection/prevention (IDS / IPS), SIEM, SOAR, system hardening, network segmentation, threat intelligence, forensic analysis, etc.
Experience should include security policy development, security education, network penetration testing, application vulnerability assessments, risk analysis, contract review, management of gap remediation and compliance testing
Good knowledge of Information Security standards (e.g., ISO 17799/27002, etc.), rules and regulations related to information security and data confidentiality and desktop, server, application, database, network security principles for risk identification and analysis.
Experience with Vulnerability Management / Patch Management process and tools, such as: Nessus, SCCM
Experience in auditing and implement the Center for Internet Security’s (CIS), Critical Security Controls.
Ability to maintain composure under pressure and work calmly during an emergency
Ability to manage multiple tasks and schedules
Strong communication skills
Strong analytical and problem solving skills are necessary
Clear, logical and persuasive communication skills with an ability to work closely with executives and employees at all levels
Excellent attention to detail
Genuine passion for Information Security
Education & experience
BA or BS in Computer Science, Management Information Systems, or related field desirable
Five+ years of progressive experience in networking and information security, including experience with Internet technology and security issues
Previous working experience, preferably as a senior security engineer for 3+ with focus with at least one of the role areas
Relevant education and certifications may be considered an advantage, such as (but not limited to): CISSP, CISM, ISO 27001, GSEC, GIAC or equivalent