Data Security Engineer

Mindlance is a national recruiting company which partners with many of the leading employers in the Life Sciences, IT, and Financial Services sectors, feel free to check us out at http://www.mindlance.com.

Job Title: Data Security Engineer
Duration: 12+ months
Location: Auburn Hills, MI

Job Description:

Candidates come ready to protect the enterprise landscape of data and computer systems. An International organization focused on secure, next generation data infrastructure is seeking a Data Security Engineer who has a passion for security coupled with large-scale know-how. As part of the Chief Information Security Officer’s team, responsibilities of the Data Security Engineer will include, but not be limited to:

• Teaming up with the usual suspects (a.k.a., cross-functional IT members) to determine the “best path forward” plan to securing the environment through controls, scanning, remediation, and hardening.
• Actively identifying security vulnerabilities, threats, and exposures within the enterprise (servers, applications, and databases).
• Bringing your “A” game to security testing techniques (scanning, auditing, and penetration testing).
• Identifying concerns of residual risk, vulnerabilities, and other security exposures due to legacy systems or configuration errors.
• Staying sharp by identifying new-to-market solutions that lead to best-in-class security practices.
• Serving as security sense-check for IT project delivery and server lifecycle build process.
• Joining forces with the ranks of Information Security leadership to develop strategies and plans to enforce security requirements and address identified risks.
• Reporting security metrics for dynamic dashboards and executive reviews.
• Doing the right thing by aligning cutting edge data and systems security practices to law of the land (regulations and policies).
• Lending expertise to know when risk may be acceptable.
• Ensuring security is top of mind.
• Other challenging opportunities as assigned.

Required Skills and Education:
• Operational knowledge and skills (4+ years preferred) related to general industry security standards for application security, vulnerability management, and overall data security
• Self-motivated and able to plan and carry out responsibilities with minimal direction and supervision
• Excellent decision-making, analytic, and organizational skills
• Strong written and verbal communication skills
• Superior interpersonal skills (“team player” characteristics) and professional demeanor at all levels of the organization
• Bachelor’s Degree in Computer Science, Information Technology, Management Information Systems, or Software Engineering
NOTE: A combination of education and experience equaling at least a Bachelor’s degree will also be considered.
• Working knowledge of common network devices as well as Windows and Unix operating systems
• Familiarity with industry standards regarding system and application hardening and associated scanning tools.

Demonstrated Technical Experience:
• Vulnerability scanners
• Application security testing
• Security and technology controls

Desired Certifications:
• Certified Information Systems Security Professional (CISSP) or,
• Certified Information Systems Manager (CISM) or,
• GIAC Security Leadership (GSLC) or,
• GIAC Information Security Professional (GISP) or,
• GIAC Certified Web Application Defender (GWEB)

Travel Requirement:
• Limited International travel may be required