Senior Information Security Engineer

Dex Media is dedicated to working with local businesses to provide marketing solutions that will help them win, keep and grow their business and be successful. There was a time when all that was needed to promote a business was a listing in the local newspaper. However, times have changed. Today’s local businesses often find themselves in direct competition with national chains or subjected to the pricing whims of local on-demand companies.

Provides senior level expertise on decisions and priorities regarding the enterprise s overall information security architecture. Configures, implements, and maintains information security systems to ensure the confidentiality, availability, and integrity of company information assets.

• Defines, and maintains information security processes, controls, and policies. Liaise with Senior and VP Level IT Management, as well as Legal, HR and Governance to drive security policy balancing enterprise data protection and productivity. This also includes regular auditing and remediation of above. This requires in-depth knowledge of technical regulations and best practices. Additionally, it demands persistent learning of new technologies, industry trends, and technical or social engineering threat vectors.
• Security Systems Administration - Implement, manage, and maintain all security systems within the enterprise. This requires well-rounded hands-on knowledge in areas such as Windows, Unix, Networking, Firewalls, and Security Vulnerability and Monitoring Tools.
• Participates in maintaining company compliance with applicable federal and state laws and industry requirements. These include but are not limited to PCI, SOX, and HIPAA. This requires detailed knowledge or certifications in corresponding compliance areas.
• Perform risk assessments and audits of enterprise systems, and established IT practice to ensure ongoing risk mitigation and compliance.
• Works closely with IT groups and Business Leads on new initiatives to understand risk at both a project and operational level. This includes architecting and implementing technical or process driven mitigation strategies.
• Evangelize security across the engineering team and beyond. This includes education, mentorship as well as a commitment to building relationships across the business.
• Project Leader - Leads, or support complex IT projects as a subject matter expert or consultant.

• Minimum 5 years of experience as an Information Security Engineer
• Working knowledge of network security architecture and protocols, identity management and access administration, intrusion detection/prevention, VPN, system logs and event correlation, digital forensics, Active Directory, Windows, Unix/Linux, encryption, SSO, vulnerability management and scanning.
• Experience and demonstrable skills with automation and scripting languages. Windows PowerShell experience a plus.
• Experience and demonstrable skills with web technologies and cloud platforms such as Azure and AWS.
• Experience working in a mission-critical environment. Extensive knowledge of information security best practices, SOX, HIPAA, Privacy, and PCI DSS.
• Strong problem solving and analytical skills.
• Ability to manage multiple complex challenges in parallel, and solve them with cost effective, highly automated, efficient, and proven security technologies or controls.
• Strong ability to work with incomplete information, adapt to changing priorities, and improve continuously.
• High standard of ethics.
• CISSP certification