Why We Work at Dun & Bradstreet
We are at a transformational moment in our company journey - and we're so excited about it. Each day, we are finding new ways to strengthen our award-winning culture, and to accelerate creativity, innovation and growth. Our purpose is to help customers improve business performance with Dun & Bradstreet's Data Cloud and Live Business Identity, and we're wildly passionate and committed to this purpose. So, if you're looking to make an immediate impact at a company that welcomes bold and diverse thinking, come join us!
Dun & Bradstreet is seeking a Senior Security Engineer responsible for leading, guiding, designing, and developing security strategies and solutions for data security across a hybrid, multi-cloud environment. The Security Engineer is a highly technical and creative contributor to a world class Engineering & Architecture team enabling the development and execution of our Data Security program across all platforms.
• The Senior Security Engineer would be our technical SME within the Data Security domain responsible for designing and implementing enterprise technology and procedural controls. The candidate should have extensive experience with system security concepts, tools, implementation, DLP, CASB, and integration with various data sources and application stacks.
• The ability to work across business units, IT teams and external partners to understand business requirements in order to design security controls and solutions
• Research business and technical challenges. Provide solution recommendations to mitigate risk and improve our security posture.
• Serve as security engineering lead for security technology implementations
• Translate architecture specifications to low-level component design and detailed functional specifications
• Support system and network security related policy development and regulatory compliance
• Provide general system security domain knowledge to improve the enterprise security architecture
• Validate that acquired or developed system(s) and architecture(s) are consistent with our cybersecurity architecture guidelines
• Perform security reviews, identify gaps in security architecture, and develop a security risk management plan
• Provide advice on project costs, design concepts, or design changes
• Define and document how the implementation of a new system, or interfaces between systems, impacts the security posture of the current environment
• Drive business compliance to application security standards and controls e.g. vulnerability remediation, SAST/SCA onboarding
• Work towards developing the application security roadmap for the firm
• Provide leadership on different forums on promoting security awareness, including recommended solutions and staying current on net new threats, vulnerabilities and OWASP best practices
• Manage application security projects to address continuous risk and threats and to reduce vulnerability exposure for the firm
• Implementation, support, and development of DLP and CASB solutions. Handling operational requests/tickets to support end user computing and networking IT departments.
• Designing and implementing end user computing solutions for data leakage prevention, endpoint FW strategies, proxy filtering, Office 365 controls, and Active directory controls/remediation.
• Cross train with and support of the data security team (structured data protection/DBs). Handling operational requests/tickets to support IT and Application teams.
• Monitoring health of security solutions. Executing daily tasks in support of security solutions.
• Mentor peer group and participate in knowledge exchange
• 7+ years relevant Information Security experience with a focus on DLP, CASB, endpoint security solution and architecture
• Strong ability to design countermeasures to identify security risks. Knowledge of common security issues including malware, viruses, ransomware, and host intrusion.
• Strong knowledge of DLP, CASB, host FW, endpoint protection
• Data leakage Security Pro in Administration, design, and policies
• Solid understanding of:
o Azure Information Protection
o Regulatory requirements (ie. GDPR)
o Sensitive Personal Information data elements
o Office 365
o Active Directory
• Strong technical acumen, communication and influence skills to demonstrate effectiveness of different endpoint security initiatives
• Strong background in data security and well informed on key data security controls
• A professional certification in an Information Security domain such as CISSP, CISM, or CISA preferred but not required
Dun & Bradstreet is an Equal Opportunity Employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, creed, sex, age, national origin, citizenship status, disability status, sexual orientation, gender identity or expression, pregnancy, genetic information, protected military and veteran status, ancestry, marital status, medical condition (cancer and genetic characteristics) or any other characteristic protected by law.
We are committed to Equal Employment Opportunity and providing reasonable accommodations to applicants with physical and/or mental disabilities. If you are interested in applying for employment with Dun & Bradstreet and need special assistance or an accommodation to use our website or to apply for a position, please send an e-mail with your request to TalentAcquisitionTeam@dnb.com. Determination on requests for reasonable accommodation are made on a case-by-case basis.
Please note that all Dun & Bradstreet job postings can be found at https://dnb.wd1.myworkdayjobs.com/Careers and all communication from Dun & Bradstreet will come from an email address ending in @dnb.com.