Infrastructure Engineer IV for Principle

Arrow Electronics is a global provider of products, services and solutions to industrial and commercial users of electronic components and enterprise computing solutions, with 2015 sales of $23.28 billion. Arrow serves as a supply channel partner for over 100,000 original equipment manufacturers, contract manufacturers and commercial customers through a global network of more than 460 locations serving over 85 countries.

The qualified candidate will provide design, engineering, planning, installation, configuration, maintenance and level 3 support of the Arrow Electronics technical security infrastructure ensuring reliable, secure, high performance data communication services for Arrow. As Arrow has a global presence, this position may require domestic and international travel. The Information Security Principle Engineer / Architect will report to the Manager of Information Security and is a member of the Global Information Security Team responsible for providing global security including Internet, Intranet, Cloud, and Extranet connectivity.

* Work closely with enterprise architects, other functional area architects and security specialists to ensure adequate security solutions are in place throughout all IT systems and platforms to mitigate identified risks sufficiently, and to meet business objectives and regulatory requirements. * Serve as a security expert in application development, database design, network and host operating system efforts, and helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. * Consult with other IT teams and business units regarding risks, standards of due care and appropriate information safeguards to align with information security policies and standards. * Research and analysis of emerging security technologies and solutions. * 3rd level support and troubleshooting of network and security related problems. * Participate in security event and incident management activities. * Participate in disaster recovery efforts including design, documentation, and testing. * Participate in the development and promotion of information security policies and standards. * Work closely with with other IT teams and business units regarding risks, standards of due care and appropriate information safeguards. * Continual research of emerging technologies and threats, as well as helping the enterprise make informed decisions regarding how best to implement new technologies and prevent risk to the enterprise.

* Bachelors Degree in Computer Science, Engineering, or a related technical discipline, or the equivalent combination of education, professional training or work experience. * 8-10 years of related experience in performing network, systems, and security engineering. * Professional security management certification, such as a Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or other similar credentials, is desired. * Understanding of secure coding practices and setting standards for secure application development. * Strong understanding of security technologies and strategies, including but not limited to: firewall, IDS, policy management, security processes/best-practice, logging/monitoring, antivirus, vulnerability assessment, patch management and incident response. * Experience with designing and ensuring secure application delivery across server, web, application and database tiers. * UNIX/Linux system administration experience. Windows a plus. * Analytical thought needed to resolve issues in a variety of complex situations. Job covers a wide range of activities that require complex judgments and solutions based on sophisticated analytical thought. * Solid understanding of network topologies / design: routing, switching, DNS, and MPLS/VPLS * Solid understanding of common and emerging attack vectors, penetration methods and countermeasures. * Experience with mobile device security and BYOD controls. * Experience with perimeter-based content management and threat protection utilizing proxy technologies as well as zero-day threat discovery and prevention. * Approximately 15% travel