Big Village has partnered exclusively with People*Strata on their search for an IT Security Engineer. As the embedded talent team for Big Village our goal is to provide you with white glove service throughout the candidate experience.

About Big Village

Big Village is a global advertising, technology, and data company. Driven by our diverse group of experts, we provide a new way of working by bringing programmatic solutions, media, insights, and creative all under one roof. Big Village is headquartered in New York and has 12 offices across North America, Europe, and Australia. Find out more at big-village.com

GENERAL SUMMARY:

The Senior Security Engineer is responsible for Big Village’s overall security technologies and platforms.  This is a leadership role and senior most technical subject matter expert within Big Village, having ownership of enterprise-wide security technologies, processes, and controls required to satisfy policies, regulatory compliance, and customer contractual requirements.  The role is both hands-on providing privileged daily administration of core security services while also being highly visible and interactive with IT, Infosec, and business leadership.  A holistic perspective of security and a balance of business and technical acumen is required to be effective in the position.

RESPONSIBILITIES:

The Senior Security Engineer will work closely with technical (CTO, DevOps, and IT) and business (Legal, Human Resources, and commercial) stakeholders to ensure information security systems and controls are effectively implemented.  The role will also be a contributor to policy and standards development and will serve as a key representative on Big Village’s Information Security Steering Committee.  Specific responsibilities include:

• Recommend, implement, and manage the tools and platforms required to protect enterprise IT and business unit technology services, including network services segmentation, identity and access management, vulnerability management, and disaster recovery
• Work with additional Big Village IT and engineering resources to provide security administration and operations
• Lead security solution design, product selection, and related change management processes
• Review and approve controls needed to protect Big Village data and technology assets
• Act as a trusted advisor to business units to ensure appropriate security controls are built into products and services in accordance with Big Village security principles and guidelines
• Respond to security alerts and remediate contributing causes
• Lead technical investigations required for security events and incidents, and partner with external forensic specialists as needed
• Assist with data collection and reporting of key security metrics to Big Village’s CISO and Risk/Compliance leads
• Interface with current and prospective clients to communicate company security practices and controls
• Assist with responding to RFPs, security questionnaires, and related client requests
• Participate in client assessments and/or audits as Big Village’s security subject matter expert
• Contribute to and support the development and maintenance of the information security program and risk framework
• Contribute to annual penetration testing conducted by external partners
• Recommend and assist in development of policies, standards, and controls
• Continually research emerging security trends and technologies to identify products, solutions, and methods that reduce risk to company data and technology services
• Partner with other security resources to ensure effective threat and vulnerability management of company assets

EXPERIENCE AND REQUIRED SKILL:

• Extensive hands-on experience implementing and configuring information security tools and services, for example: endpoint protection, email hygiene, web filtering and protection, mobile device management, vulnerability management, and incident, event, and log management.
• Experience implementing infrastructure security or secure software development leading practices
• Knowledge of cloud computing (IaaS, PaaS, and SaaS) and protecting cloud-based services especially those within Microsoft (Office 365, Azure) and AWS (EC2, RDS, S3) as well as container and API security
• Experience implementing security controls aligned to organizational policies and standards
• Knowledge of the SOC 2 standard and related risk management practices
• Knowledge of GDPR and HIPAA regulations
• Experience responding to RFPs, security risk assessments, and audits
• Knowledge of threat intelligence sources and incorporation of these sources into daily operations
• Interpersonal skills with the ability to develop and maintain strong stakeholder relationships
• Strong verbal and written communication skills
• Excellent problem-solving skills with the ability to ask the right questions to uncover the core of the problem.

QUALIFICATIONS:

• Bachelor's degree in computer science, information systems, or a related field is required; Master's degree is preferred
• At least 10 years’ IT experience within application or infrastructure
• At least 5 years’ security experience within architecture, engineering, or operations
• Certified Information Security Professional (CISSP) certification preferred
• Certified Cloud Security Professional (CCSP) certification preferred
• Marketing, advertising, research, or related industry technology experience preferred

#LI-Remote