About Sage Intacct:
Sage Intacct is the only preferred provider of financial applications by the AICPA and has companies on the system with thousands of users, consolidating several hundred entities, and managing hundreds of thousands of daily transactions. The multi-entity architecture of Sage Intacct supports business expansion, automating processes that dynamically change as a company grows. This technology infrastructure scales effortlessly, so companies can easily increase their number of users, customers, transactions, and locations – without the need for lots of manual effort, consultants, or workarounds.
Job Description:
The Information Security and Compliance Specialist is an integral member of Sage Intacct’s security team which has overall information security responsibility for the enterprise. This position can be described as a very broad-based position and will provide the candidate exposure to many facets of Information Security across product, operations, engineering, and IT. This position requires hands on experience in security engineering, architecture, administration of security technologies and experience with data analysis and risk management. This position will require collaboration with Engineering, QA, Operations, Product Management, Support and other departments to ensure compliance with policies and other activities which impact the confidentiality, integrity and availability of our application, infrastructure and business processes.
Job Responsibilities include:
- Deployment, administration and operation of security solutions such as vulnerability scanning and pen testing tools, log aggregation & analysis tools, data loss prevention systems, intrusion prevention devices and other tools as necessary
- Maintain up-to-date detailed knowledge of the information security industry, including awareness of new or revised security solutions, improved security processes and the identification of current and new attacks and threat vectors especially as it relates to Sage Intacct and its customers.
- Provide recommendations and limited administration of security products and services to include firewalls, encryption technologies, patching, certificate management, anti-virus, email security controls, intrusion detection/prevention, identity and access management and security scanning and assessment tools
- Conduct security audits and assessments, analyze results, identify remediation activities and/or compensating controls and track remediation efforts to completion.
- Deployment, administration and operation of security solutions
- Respond to customer or other third-party inquiries
- Assist in evidence generation, collection and other activities to support compliance requirements
- Participate as a member of the Incident Response Team by conducting forensic analysis and troubleshooting to assist in the containment and remediation of security incidents
- Identify security issues and provide the appropriate resolution or make recommendations to Sr. Management on how to resolve or identify compensating controls related to security findings
- Performing IDS monitoring and analysis, network traffic analysis, log analysis, prioritization and differentiation between potential intrusion attempts and false alarms
- Participate in periodic information systems risk assessments.
Job Requirements:
- Bachelor’s degree in an information technology discipline or equivalent IT experience required
- Relevant IT or security certifications including CISSP, CISM, CRISC, CEH or SANS certs are expected
- Extensive experience (5+ years) in information security operations and/or related IT operational functions
- Requires demonstrable background in: security products and technologies; security engineering/architecture, networking protocols, security analysis and investigations
- Hands on working knowledge of AWS, with specific experience administrating AWS Security related services
- Demonstrable ability to analyze network packets and log data
- Experience with Splunk, ElasticSearch, Snort, Tripwire, Wireshark or other analytics tools a plus
- Experience with Cisco ASA and Palo Alto Firewalls a plus
- Programming experience in scripting languages such as Windows PowerShell, Python, Perl, Bash, etc., highly desirable
- Ability to multitask, prioritize, coordinate, work well under pressure and meet deadlines
- Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to both technical and non-technical audiences
- Must be a critical thinker with strong problem solving skills and a "can do” attitude
- Must have experience with MS Office products with a strong working knowledge of Excel Pivot Tables and Charts.
- Must stay up to date with current vulnerabilities, attacks, and countermeasures
- Must be able to and willing to work independently with minimal amount of supervision
Apply here: http://app.jobvite.com/m?3AxlAlwS
Sage Intacct Corporation is an Equal Opportunity Employer, and all qualified applicants will receive consideration for employment, as Sage Intacct Corporation does not discriminate on the basis of race, color, religion, **gender**, age, national origin, disability, veteran status, **gender** orientation or any other classification protected by Federal, state, or local law.