Information Security Engineer/Architect

Description

About the Opportunity:

Epsilon is looking for an Information Security Engineer and Architect to join our Information Security Architecture team. At Epsilon, we work in a fast paced, collaborative environment where we offer the opportunity to work for a pioneering company in securing big data.

Information Security Engineering at Epsilon is a hands-on role that requires a high degree of technical Cyber Security expertise with different technology solutions and cloud environments like AWS and Azure. The person is responsible for Security related tasks, including process and engineering governance over the day-to-day administration of the different information security tools and devices, configuration review of solutions to reduce false positives and improve effectiveness in security policy enforcement and event monitoring. This individual must have the aptitude to use the Security tools to do security analysis of traffic patterns and adjust policy and procedures. Primary responsibilities also include performing technical and non-technical risk assessments on our systems and make recommendations to identify and improve security and risk posture. The Engineer must have experience in research and remediation of security vulnerabilities using existing or new tools and personal knowledge. The individual in this position interacts closely with personnel from other functions in Information Security and various IT departments.

The candidate will be responsible for leading program maturity efforts and initiatives in the security operations and engineering department. The candidate is responsible for working with the Security Operations Center analysts to ensure security tools are performing optimally and security events are detected in a timely manner for remediation actions. The candidate is responsible for producing metrics and automated dashboards to measure the effectiveness of the program. The candidate will also be working with the network services team, DevOps teams, and other business units on projects to enable existing Epsilon solutions for new clients and supporting the build of new Epsilon products and services for existing and new clients in Epsilon data centers and cloud environments.

Duties & Responsibilities:

  • Assess, design, implement, automate, and document customer solutions leveraging Epsilon data centers, Amazon Web Service (AWS), and other third-party solutions.
  • Demonstrate architectures, methods and controls required to meet stringent compliance and audit requirements.
  • Develop and rollout SIEM, IPS, Proxy, CASB, AV, DLP, Malware sandboxing and other security tools.
  • Provide 3rd level security escalation response for reported security incidents.
  • Investigate and resolve security incidents by providing postmortem analysis to illuminate the issues and possible solutions for short term tactical response and long term remediation.
  • Create and share unique ways to solve problems with others (presentations, blogs, articles, case studies).
  • SIEM (Security Information and Event Management): Must have experience extracting pertinent security data, setting up SIEM solutions and troubleshooting connectivity issues. Experience in Qradar, SumoLogic, Cloud Trail, Splunk, etc.
  • Need to be comfortable with DLP (Data Loss Prevention) technology concepts and deployment of DLP capabilities across endpoint, network, and cloud environments.
  • In-depth knowledge of Firewall technology. Additionally, knowledge of AWS Security Groups, how they work and are used to protect an enterprise.
  • Review system logs, SIEM tools, and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for policy and alerting enhancement.
  • Proactively stay up to date with developments in relevant technologies.
  • Developing solution and program quality metrics as both performance indicators and enterprise risk indicators.
  • Report unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes.
  • Assist and train team members in the use of security tools, the preparation of security reports and the resolution of security issues.
  • Develop and maintain documentation for security systems and procedures.
  • Lead and mentor Engineers.

Minimum Qualifications:

  • Bachelor's Degree in Computer Science, Engineering, or other Engineering or technical discipline or equivalent relevant experience. Master's Degree preferred.
  • Experience with a broad range of security technologies and processes, including next generation firewalls, proxies, CASB, WAF, DLP, NAC, IDS/IPS, IdAM, Active Directory/LDAP, SAML/SSO/Oauth, Certificate Management/SSL/TLS, SIEM, endpoint protection, anti-malware, vulnerability management, patch management
  • Strong knowledge of technology and security topics including network security, wireless security, application security, infrastructure hardening and security baselines, endpoint security, MDM, web server and database security
  • Experience in developing, documenting and maintaining security architecture, design, and procedures
  • Knowledge of network infrastructure, including routers, switches, firewalls, and associated network protocols and concepts
  • Must have strong knowledge of TCP/IP and network administration/protocols
  • Experience with enterprise networking (routing, switching, load balancing, DNS, VPN)
  • Experience working with Linux and/or Windows servers and virtual machines
  • Knowledge of network and computer control architecture
  • Ability to clearly and effectively communicate concerns, issues and research to other teams and executive leadership
  • Experience in developing, documenting and maintaining security procedures. Experience in a technical customer-facing consulting or advisory role
  • Experience with Cloud Security engineering
  • Solid understanding Amazon Web Services (AWS) including VPC, ELB, IAM, KMS, EC2, Config, CloudTrail, CloudFormation, Lambda, and more
  • Working knowledge of at least one programming or scripting language: e.g. bash/shell, PERL, Python, Tcl, PHP, Ruby, Golang, Powershell, .NET, etc.
  • Experience with the development, deployment and automation of security solutions in large enterprise environments to connect to cloud solutions such as AWS and Azure while maintaining secure operations (i.e. firewalls, ACL, security groups)
  • Strong technical background and knowledge of network fundamentals and common Internet protocols
  • Develop procedures to automate/orchestrate various systems and tasks (e.g. automating code builds and deployments) using Jenkins, Git, Docker, Chef, Cloud Formation etc.
  • Working proficiency with work tracking systems such as JIRA, Workfront, Pivotal, etc.

Preferred Qualifications:

  • Advanced knowledge and ability to troubleshoot and debug network based, system level and application layer attacks and mitigation methods, and TCP/IP, HTTP/S, SSH, sFTP and related protocols
  • Knowledge of Log management and/or correlation systems (Qradar, Splunk, ELK, SumoLogic, etc.)
  • Experience with Microsoft Active Directory
  • Understanding of encryption and various algorithms, hashing, secure random number generation, key derivation, digital signatures, key vaulting and storage, tokenization, etc.
  • Experience reviewing audit logs utilizing SIEM tools
  • Knowledge of how various AWS and Azure automation strategies and tools such as cloud-init, AWS Lambda, Azure runbooks, and any data formats such as JSON and XML function
  • Familiar with Agile, DevOps and/or continuous integration/continuous delivery
  • Understanding of PCI, HIPAA, and FEDRAMP cloud migration requirements
  • CISSP, SSCP, Offensive Security, CPT, and/or CEH certifications a plus

#LI-KM1

Qualifications

Conditions of Employment

All job offers are contingent upon successful completion of certain background checks which unless prohibited by applicable law may include criminal history checks, employment verification, education verification, drug screens, credit checks, DMV checks (for driving positions only) and fingerprinting.

Great People, Deserve Great Benefits

We know that we have some of the brightest and most talented associates in the world, and we believe in rewarding them accordingly. If you work here, expect competitive pay, comprehensive health coverage, and endless opportunities to advance your career. From tuition reimbursement to scholarship programs to employee stock purchase plans and 401(k)s, we offer associates a variety of benefits that work as hard for them as they work for us.

About Epsilon

Epsilon is a global leader in creating connections between people and brands. An all-encompassing global marketing company, we harness the power of rich data, groundbreaking technologies, engaging creative and transformative ideas to get the results our clients require. Recognized by Ad Age as the #1 Largest World CRM/Direct Marketing Network, #1 Largest U.S. Agency from All Disciplines and #1 Largest U.S. Mobile Marketing Agency, Epsilon employs over 7,000 associates in 70 offices worldwide. Epsilon is an Alliance Data company. For more information, visit http://www.epsilon.com/, follow us on Twitter @EpsilonMktg or call 1.800.309.0505.

Alliance Data provides equal employment opportunities without regard to race, color, religion, gender, age, national origin, disability, sexual orientation, gender identity, veteran status or any other characteristic protected by law.

Alliance Data participates in E-Verify

For San Francisco Bay Area:

Alliance Data will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of San Francisco Police Code Sections 4901 - 4919, commonly referred to as the San Francisco Fair Chance Ordinance.


Meet Some of Epsilon's Employees

Mayela T.

Senior Business Analyst

Mayela serves clients by gathering notes on specific technical enhancements needed to improve engagement. Then she collaborates with Epsilon’s Development Team to make those enhancements a reality.

Tom M.

Account Executive

Tom switches up his main objectives based on which team he’s currently on as part of the two-year program that serves to expose employees to all that Epsilon has to offer.


Back to top