IT Security Engineer II
US - Remote
Emburse
Focus on what matters more with help from Emburse's trusted expense management, AP automation, and payment solutions. Optimize expense management, AP automation, and global B2B payment solutions for your business or organization with Emburse.Emburse has offices across North America, including Los Angeles, Montreal, Portland (ME), San Diego, San Francisco, and Toronto, as well as locations in the UK, Germany, Spain and Australia.
Our core values - Sincerity, Empathy, Empowerment, Individuality and Teamwork - reflect who we are as a company. They are central to the decisions we make and the interactions we have with our teams, customers, and partners. As a people focused company, we are seeking candidates who align with our values.
Emburse is a proud recipient of a 2020 Tech Cares Award from TrustRadius. This award celebrates companies that have gone above and beyond to provide their communities, clients, and front line workers with support during the COVID-19 pandemic. We are a people-first company, and this award is a testament to our mission to humanize work.
Follow us to stay updated on news and job openings!
Monitor computer networks for security issues. Investigate security breaches and other cyber security incidents. Oversee installment of security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
What you'll do:
- Identifying and mitigating security risks
- Conduct network monitoring and intrusion detection analysis using various Computer Network Defense (CND) tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), Firewalls, Host Based Security System (HBSS), etc.
- Respond in a timely fashion to Intrusion Alerts
- Management, and execution of internal vulnerability management program across all Clusters
- Recording of results once per quarter
- Development and execution of any required remediation
- Management of external ASV scanning vendor across all Clusters
- Recording of results once per quarter
- Development and execution of any required remediation
- Management and coordination of Penetration Testing
- External and Internal Pen Tests
- Web Application Pen Tests
- Performance of Internal Firewall pen testing in all Clusters
- Required once per year per PCI 3.2
- Recording results
- Development and execution of required remediation
- Provide incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary
- Protecting Chrome River data, information, assets, and other resources
- Provide analytical and technical security recommendations to other team members, oversight boards, and clients; Identify requirements, based upon need or as the result of a security issue that puts organizations systems at risk
- Oversee the correlation of network activity across networks to identify trends of unauthorized use
- Implement and manage patching processes for servers, network, and storage devices
- Work with DevOps and SysOps teams to develop documentation to support ongoing security systems operations, maintenance, and specific problem resolution
- Participate in annual incident response and disaster recovery tests.
- Assisting with compliance regulations
- Active member in technical workgroups to recommend effective security configurations and architecture
- Assist in all security compliance and audits associated with each (PCI, SOC, etc.)
- Other duties as assigned
What we're looking for:
- Bachelor’s degree in Computer Science or related field
- Minimum 2-4 years’ experience in Information Security
- Knowledge of web architectures and technologies such as HTML, JavaScript, XML, REST, SOAP.
- Expertise in TCP/IP. Understanding of common network vulnerabilities, OS vulnerabilities (Linux, Windows and OSX), patching and attack patterns
- Familiarity with Enterprise Vulnerability Management tools such as Rapid 7 Nexpose and Nessus
- Technical expertise in analyzing threat event data, evaluating malicious activity, documenting unusual files and data, identifying tactics, techniques and procedures used by attackers
- Experience performing penetration tests
- Successful experience identifying, qualifying, and remediating security vulnerabilities
- Must understand security concepts and be able to link system issues to Chrome River's infrastructure
- Ability to work under moderate supervision and collaborate effectively with management
- Effective, clear communication skills in English
- Ability to build and maintain effective relationships with co-workers and customers
- Operate with a sense of urgency
Tags: Audits Compliance Computer Science DevOps Encryption Firewalls Forensics IDS Incident response Intrusion detection IPS JavaScript Linux Monitoring Nessus Pentesting TCP/IP Vulnerabilities Vulnerability management Windows XML
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Security Analyst jobs
- Open Information Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Principal Security Engineer jobs
- Open Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open IT Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Security Specialist jobs
- Open Cybersecurity Specialist jobs
- Open Senior Penetration Tester jobs
- Open Sr. Security Engineer jobs
- Open Security Researcher jobs
- Open Senior Security Architect jobs
- Open Security Operations Analyst jobs
- Open ISO 27001-related jobs
- Open Clearance-related jobs
- Open Network security-related jobs
- Open Windows-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open Pentesting-related jobs
- Open Vulnerability management-related jobs
- Open GCP-related jobs
- Open Analytics-related jobs
- Open SaaS-related jobs
- Open CISA-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open APIs-related jobs
- Open Java-related jobs
- Open Security assessment-related jobs
- Open DevOps-related jobs
- Open Malware-related jobs
- Open Kubernetes-related jobs
- Open Security Clearance-related jobs
- Open CI/CD-related jobs
- Open IDS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs