Blood Systems is hiring for an IT Security Engineer Architect in the Phoenix/Scottsdale area.
Under minimal supervision, the Information Security Engineer will participate in evaluating, developing, and implementing security tools, standards, procedures, and guidelines for multiple platforms in diverse systems environments. The Information Security Engineer will utilize their wide area of expertise in network, applications, access management, security frameworks and other areas to provide security support to a growing enterprise.
DUTIES AND RESPONSIBILITIES:
Performs all assigned duties in compliance with internal SOPs and external regulations. Brings compliance issues to the attention of management.
Assures quality customer service to all customers.
Maintains good attendance and punctuality per the absence policy.
Responsible for supporting information security functions across the enterprise.
Defines security best practices and provides guidance to Enterprise Application and Infrastructure teams for continuous process improvements.
Researches and evaluates proposed application architecture solutions for adherence to documented company standards, policies and regulatory responsibilities.
Determine application security requirements by evaluating business strategies and requirements, research information security standards, conduct system security and vulnerability analyses and risk assessments and identify integration issues.
Works with Infrastructure Operations team to reduce risks to information assets by recommending/implementing controls e.g. encryption, network segmentation, access controls, patch and vulnerability management.
Participates in incident response and investigations of suspected information security events, misuse or compliance reviews.
Works with Information Security Analysts to provide security technology escalation support and remediate security issues.
Performs assessments to ensure use of established security policies, practices and expectations across all platforms, operating systems and applications.
Analyzes current attack trends, technologies, and methodologies and design and implement technical and process oriented countermeasures.
Assess emerging technologies against security architecture to determine where they fill gaps, overlap with existing solutions or extend capabilities.
Participates in annual security audits, incident response exercises, security reporting, audit and compliance support.
Performs all other duties, at the discretion of management, as assigned.
Bachelor’s degree or equivalent combination of education and experience required.
Certified Information Systems Security Professional (CISSP), Systems Security Certified Practitioner (SSCP), Certified Ethical Hacker (CEH), Certified Information System Auditor (CISA), or GIAC Security Expert (GSE preferred.
Fifteen years of progressive experience in Information Technology related roles required. To include:
Eight years of experience in Information Security, including firewall, intrusion detection/prevention systems, anti-malware products, forensics tools, data encryption, Data Loss Protection, VPNs, vulnerability scanners, multiple operating systems (Windows, UNIX, Linux, etc.), and directory services (Active Directory, LDAP)
Must possess the skills and abilities to successfully perform all assigned duties and responsibilities.
Demonstrated understanding of software systems and development concepts including: access, authorization, configuration, design, test & maintenance.
Strong business analysis skills.
Ability to work effectively in a collaborative team environment as an individual contributor.
Resourceful, creative, innovative, results driven and adaptable.