The senior information security specialist will plan and carry out security measures to protect company's environments.
the senior specialist will be responsible for identifying opportunities for improvement in security posture in collaboration with other security team members and other business units.
the senior specialist will act as lead on security related projects and technologies and assuring the effective implementation and management of security tools as we continue to improve information security at martinrea.
the senior specialist will be responsible to provide daily support and on call rotation.
*required education and experience*:
- bs degree in information security, cyber security, computer science or equivalent
- 5+ years of working experience in support of a large scale, mission critical enterprise security infrastructure
- understanding of complex technical environments including traditional datacenter, public cloud, multi-cloud, and hybrid including aws and azure.
- experience with tools such as azure security center, azure sentinel, guard duty, and other cloud services.
- extensive hands-on experience of ms 365 and azure security, mfa, cyberark, mdm
- experience with assessment, development, implementation, optimization, and documentation of a comprehensive and broad set of security technologies and processes (secure software development (application security), data protection, cryptography, key management, identity and access management (iam), network security) within saas, iaas, paas, and other cloud environments.
- knowledge of sso methodologies
- experience with multiple programming languages (such as, java, c++, phyton, vb, powershell, html, php, angular, xamarin etc.)
- excellent knowledge with current operating systems (windows, unix, aix, os x and linux), network and web related protocols (such as, tcp/ip, udp, ipsec, http, https, routing protocols)
- in dept knowledge of smtp, ssl/tsl
- knowledge of security industry standards and certification frameworks such as iso27001, pci, hippa etc.
- preferred to have: certified cloud security professional ccsp, ms 365 security administrator ms-500 and azure security engineer associate sc-500
*essential functions*:
- leading the security design of public cloud infrastructure, including aws and azure.
- planning, testing, and implementing security solutions for the monitoring and protection of company assets in the cloud.
- knowledge of security controls and solutions to protect cloud native environments (gcp, aws, azure).
- in-depth understanding of cyber threat intelligence concepts
- knowledge and understanding of up to date security threats and common vulnerabilities and exploits, malware, attack paths, threat actor groups, etc
- networking skills required (layer 2 & 3 switches, osi model, tcp/ip.
snmp, etc
- experience with virtualization on prem and cloud platform
- analysing requirements for security tools and technology (siem, endpoint protection, vulnerability management, dlp, perimeter security, ddos, other).
- deployment, management, and optimization of cloud and container security tools
- proficiency in a scripting language such as python, powershell, or bash
- experience with selecting, designing, and implementing security tools and capabilities for large, complex commercial organizations with focus on cloud security.
- develop required documentation to help operationalize and automate technologies in close coordination with security operations to ensure compliance requirements are met
- continuously identify areas needing improvement, create action plans, and execute to implement changes in a timely manner
tipo de puesto: tiempo completo
salario: $70,000.00 - $85,000.00 al mes
beneficios:
- días de maternidad superiores a los de la ley
- horarios flexibles
- seguro de gastos médicos
- seguro de gastos médicos mayores
- servicio de comedor
- servicio de comedor con descuento
- teléfono de la empresa
- trabajar desde casa
- vacaciones superiores a las de ley
- vales de despensa
horario:
- turno de 8 horas