Principal Information Security Engineer
Holmdel, NJ or Atlanta, GA or USA Remote
Senior Information Security Engineer
The Vonage Information Security organization drives Security, Privacy, Trust, and Compliance by design and is seeking a Senior Security Engineer expert who would report directly to the Chief Information Security Officer of Vonage. In this role the expert individual will have deep and broad technical experience in a) designing a defense-in-depth security architecture, b) helping assess and implement appropriate security, privacy, and compliance constructs and controls, and c) helping develop strong security monitoring, alerting, and response mechanisms. As a senior security engineer, the candidate is expected to understand modern cyber threats and to champion world-class security best practices to effectively counter these threats.
What you will do
- Lead system and application architecture security reviews and identify and help implement robust security architectural constructs
- Partner with senior engineering/IT/security leaders to develop and strategically implement and maintain a world class security posture across a variety of communication products and services
- Champion the continuous improvement of security monitoring, detection, and prevention capabilities. This includes vendor technology evaluations, and the subsequent operational deployment of selected security tools. Key areas include network security, container security, host-based intrusion detection systems, cloud security tools, web application firewalls, database security monitoring systems and data classification tools, firewalls/routers/switches, proxy servers, antivirus systems, file integrity monitoring tools, and operating system logs, to name a few.
What is Required:
- A BS/MS in Computer Science, Computer Engineering, Information Security,, Mathematics or other related degrees
- A passion for Information Security
- Demonstrated track record of significant security contributions
- Ability to function independently and partner strategically and effectively with cross-functional leaders across a modern software/technology company
- Demonstrated record of continuous learning – new technologies and best practices
- Knowledge of cloud computing systems - AWS knowledge is a must, Google Cloud highly desired
- Experience implementing an IaC based security strategy
- Knowledge of Secure SDLC (SSDLC) processes and tools in support of a shift-left software security philosophy
- Experience in working with Application and API software development teams in defining specific product security requirements and operating within a robust security architecture blueprint.
- Understanding of kubernetes / container ecosystems
- Demonstrated understanding of general Unix/Linux systems administration (Or similar, e.g. Ubuntu, Solaris, etc.)
- Knowledge of standard Unix infrastructure tools/protocols (DHCP, DNS, NTP, SYSLOG, SSH, IPSec etc.)
- Foundational cross-functional understanding of network engineering concepts and protocols (e.g., TCP, UDP, SSL, etc.)
- Knowledge of Security incident response processes
- Knowledge and understanding of MITRE ATT&CK vectors and tools as well as the best practices for securing systems and networks
- Must be fluent in English and have strong verbal and written communication skills; ability to communicate effectively and clearly to both technical and non-technical staff
- Candidates must be self motivated, have strong collaborative skills, and willing to work with and learn enterprise technologies and be comfortable working in a matrixed organization
Nice to have
- Information Security and Cloud Certifications (CISSP, CISM, CompTIA, etc)
- AWS Cloud Certifications (AWS Architect, AWS Security Engineer, etc)
- Experience in Threat Hunting Processes and Tools
- Prior hands on software development experience
What is in it for you:
- In addition to providing exciting work, career advancement opportunities, and a collaborative work environment, Vonage provides competitive pay and benefits including unlimited discretionary time off and tuition reimbursement.
Note:
The purpose of this profile is to provide a general summary of essential responsibilities for the position and is not meant as an exhaustive list. Assignments may differ for individuals within the same role based on business conditions, departmental need or geographic location.
#LI-JS3
#LI-REMOTE
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Antivirus APIs AWS C CISM CISO CISSP Cloud Compliance CompTIA Computer Science DNS Firewalls GCP Incident response Intrusion detection Kubernetes Linux Mathematics MITRE ATT&CK Monitoring Network security Privacy Product security SDLC Security strategy Solaris SSH Strategy Ubuntu UNIX
Perks/benefits: Career development Competitive pay Unlimited paid time off
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Specialist jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Staff Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Information Security Analyst jobs
- Open Cybersecurity Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Analyst jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Security Researcher jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Security Operations Analyst jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open ISO 27001-related jobs
- Open Pentesting-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Security Clearance-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open EDR-related jobs
- Open CEH-related jobs
- Open Forensics-related jobs
- Open Kubernetes-related jobs