Senior Information Security Engineer (APAC)

What is special about Lighthouse?

Lighthouse is built on a foundation of unique, compassionate, highly driven individuals.   We elevate the strengths and talents of those around us while leveraging opportunities for growth. We offer the experience of solving complex problems while continuing to grow multiple facets of your career. Lighthouse is where innovation meets support and where collaboration is the key ingredient to success.  We grow together and are stronger together. 

What’s unique about this role?

Accountable for administering, maintaining, monitoring, expanding and troubleshooting Lighthouse’s security technology stack. Works across all areas of the organization to drive requirements to plans to ensure security measures are implemented in accordance with Industry Standards and Lighthouse Information Security Management System.  Responsible for designing and implementing the technologies to evolve our organizational security posture.  Tracks, monitors, and identifies risks throughout the company.   Responsible for developing policies and strategies, and testing for vulnerabilities, implementing protections, monitoring for breaches, and addressing any attempt of an attack.   Effectively works across teams to help educate the workforce on the benefits of security enhancements that keep the organization healthy

What will this person do?

• Provide technical leadership in the design, implementation and management of our global security strategy
• Work closely with business owners to ensure that systems and services meet all of the Lighthouse standards for security measures
• Communicate clearly with peers as well as management and provide technical leadership 
• Perform hands-on analysis of the production systems, document deficiencies, provide run books for mitigation, and deliver root cause analysis for critical issues
• Analyze and resolve security issues, and report to the business and Law Enforcement as appropriate 
• Proactively monitor the systems to ensure our security posture is current and evolving 
• Maintain operational, configuration and other procedures and documentation
• Participate in after-hours on-call support when required
• Upgrade and configure system software that supports secure global infrastructure and applications per project or operational needs. Track OS patches and upgrades on a regular basis and upgrade administrative tools and utilities. Configure and add new services as necessary
• Manage and escalate cases to vendors for problem resolution
• Implement upgrades to tools, and applications
• Perform periodic performance reporting to support planning
• Perform ongoing performance tuning, and resource optimization as required
• Build tools to automate processes and operate production security systems
• Interact daily and develop and sustain productive relationships with internal and client resources at multiple levels through collaborative, consultative service
• Collaborate with all functional areas of the business to identify, analyze, prioritize, mitigate and communicate project risks
• Attain relevant technical and professional knowledge of applications, the discovery process, and related topics through training, vendor meetings, seminars, vendor materials and documentation, self-study, user group meetings inside and outside the firm, industry networking and professional journals
• Learn Lighthouse’s Product and Services offerings
• Implement ITIL and other process frameworks as applicable to the security infrastructure
• Management of the SIEM Deployment and the collection of all logs for event correlation
• Identity Access Management security requirements design
• Management and Monitoring of security for Infrastructure to ensure all systems in the environment are monitored

Bring your passion and together we will shine.  It would also be great if you have the following:

• Bachelor’s degree in computer science, related field or comparable job experience
• 10+ years of progressive experience with large scale technical infrastructure including on premise, public cloud and/or private cloud
• Experience operating highly-available, high-volume environments, ideally in a SaaS or commodity website environment using primarily Microsoft based solutions
• In-depth knowledge of security principles as related to infrastructure management 
• Microsoft PowerShell or similar scripting languages a plus
• In-depth experience with Microsoft Active Directory principles and design
• In-depth understanding of Microsoft Certificate Services or other PKI systems
• Subject Matter Expert level understanding of Virus and Malware incident response and threat mitigation
• Experience with Vulnerability Management platforms such as Rapid 7
• Experience securing systems in a client data/need to know environment
• Experience securing systems and services in a cloud, preferably Azure, environment 
• Experience with system (Desktop/Server) hardening standards (CIS/NIST/FIPS/Etc.)
• Preferred: 

1. CISSP, CSSP or other industry certifications
2. Experience with Configuration Management systems
3. Experience working with both Microsoft and Linux (such as Ubuntu server)

• Strong understanding of data center design and principles - hosting experience a plus
• Ability to plan, scope and estimate work effort to produce high quality deliverables on time/on budget
• Exceptional interpersonal skills; ability to speak clearly and with authority
• Able to work with diverse teams (national and international) in a collaborative manner
• Intellectual curiosity and the ability to learn new concepts quickly and efficiently
• Highly solution focused; strong sense of urgency with a passion for 100% availability
• Tenacious problem solver under pressure
• Act and work both independently and in a team environment
• Perform other related duties as assigned

Work Environment and Physical Demands

• Duties are performed in a typical office environment while at a desk or computer table.
• Duties require the ability to use a computer, communicate over the telephone, and read printed material, in a quiet and professional setting.
• Duties may require being on call periodically and working outside normal working hours (evenings and weekends).

Lighthouse celebrates and thrives on diversity and is an Equal Opportunity Employer. We hire, train, and promote regardless of race, religion, color, national origin, sex, disability, age, veteran status, and other protected status as required by applicable law.  We welcome any talents and contributions you can bring to the team and are deeply committed to growing an environment where everyone can feel safe, is respected, and can show up as themselves. Come as you are! 

This position will work for and be employed by Lighthouse's India subsidiary, which is an independent company located in India.