Information Security Engineer

ABOUT THE ROLE:
The Information Security team is looking for an experienced Security Engineer to assist with the execution and continued development of the Information security program.  The Security Engineer will be responsible for supporting Security Operations in our Production and Corporate infrastructure and reports to the Director of Information Security.
The candidate will provide support to detect, respond, mitigate, and report cyber threats and attacks. You will also monitor threat and vulnerability monitoring sources to understand current risk and recommend response and mitigation strategies.  The candidate will work cross-functionally and will support personnel on technical and non-technical security risks and detected activity.

PRIMARY RESPONSIBILITIES:

• Perform security event analysis, prioritize response, and lead internal teams during security incidents
• Integrate security tools and configurations using automation solutions and code
• SIEM monitoring and analysis of system, application, and user exploitation attempts
• Collecting, analyzing, and interpreting forensics evidence, supporting legal and compliance requirements
• Respond to compliance requests by collecting, analyzing, and interpreting audit evidence
• Provide vulnerability remediation guidance for timely mitigation of application and system weaknesses
• Support Software engineering build and continuous integration/continuous delivery (CI/CD) for web and mobile applications
• Perform technical security reviews for new product, vendor, & technology implementations

QUALIFICATIONS:

• 3-5 years’ experience working in a Security Operations Center or similar hands-on role
• Experience in regulated environments subject to PCI-DSS, SOC 2, Sarbanes-Oxley, or Privacy regulations
• Experience with the following: Patch management tools, Single Sign-on (SSO), Security Information and Event Management (SIEM), Anti-Virus (AV), Firewall Policies, SDLC concepts, and Vulnerability Assessment tools
• Knowledge of network and security concepts and protocols (Zero-Trust, DNS, SMTP, SFTP, SSH, etc.)
• Experience working with Cloud Service Provider platforms such as AWS and the tools used to manage day-to-day activities
• Possess the ability to contribute application code to automate security operations tasks

PREFERRED:

• College Degree and ISC2, ISACA, or GIAC, or other relevant industry certifications, or equivalent work experience
• Operational Security experience in a Software-As-A- Service organization


#LI-UL1

About UdemyWe believe anyone can build the life they imagine through online learning. Today, more than 35 million students around the world are advancing their careers and passions by exploring and mastering new skills on Udemy, and expert instructors are able to share their knowledge with the world. Through our global marketplace and our solutions for businesses and governments, we connect people everywhere with the skills they need for success in work and life. We’re a close-knit bunch that enjoys problem-solving and collaboration, and we share a serious belief in the power of learning and teaching to change lives. Udemy’s culture encourages innovation, creativity, passion, and teamwork. We also celebrate our milestones and support each other every day.
Founded in 2010, Udemy is privately owned and headquartered in San Francisco’s SOMA neighborhood with offices in Denver (Colorado), Dublin (Ireland), Ankara (Turkey), Gurugram (India), and São Paulo (Brazil).
Udemy in the NewsUdemy Adds More than $1 Billion To Its Valuation in New Funding RoundUdemy’s Workplace Learning Tool Just Surpassed $100M in ARRPaid Paternity Leave Should be the Norm in the U.S.Breakdown of Most In-Demand Skills for 2020—Finance, Marketing, Sales and EngineeringHow Investing in Yourself Today Will Set You Up for Career Success TomorrowFeedback Isn’t the Problem, but the Way That We Deliver It Is Broken