Senior Information Security Consultant Quinstreet
Foster City, CA

Job Description

Senior Information Security Consultant

Corporate Overview

QuinStreet makes the digital media channel affordable at scale for marketing clients. We match high-intent consumers in one of the nation's largest media networks to the right solution and the right client.

Our industry leading segmentation & matching technology platform allows marketing clients to target and reach "research & compare" customer prospects, segment by segment. Our databases and optimization algorithms are built from almost 20 years and billions of dollars of online media experience.

We believe in the direct measurability of digital media. We believe in performance marketing. (We pioneered it.) And we believe in the advantages of technology. We bring all of this together to deliver truly great results for our clients in the world's biggest channel.

Job Category

With the high visibility we have online, Information Security is a critical top priority here at QuinStreet. We are looking for an accomplished Senior Information Security Consultant to report to the VP of Information Security & Compliance to help build out, implement and manage an extensive Information Security program with a wide-variety of coverage and influence.

This is a highly dynamic role that will involve support for both broad range security risk assessments around company-wide policies and procedures, and application security as it relates to our development life cycle. This individual will work very closely with our Vice President of Information Security.

Responsibilities

* Provide security guidance to our developers to ensure that our continuous stream of new applications and services are as robust as possible
* Identifies, highlights, and provides security recommendations during requirement and design reviews
* Conducts in-house penetration testing and code-reviews
* Conduct regular security assessments of internally developed applications
* Create automated tests to encourage and enforce security standards
* Develop security training and education for our software engineers
* Define an information risk management strategy and implementation road map
* Evaluate QuinStreet's existing information security and data privacy architecture for effectiveness
* Lead the cross functional effort to define secure configuration standards for key technology platforms
* Define an information risk assessment process and conduct annual risk assessments
* Design and implement processes and technology solutions to assess, monitor, audit and enforce compliance with internal and regulatory requirements, such as PCI, SOX, and others
* Creating detailed business, technology, operational and, security requirements
* Solution delivery / implementation (directly or through partnerships)

Qualifications

* BS in Computer Science or related, with 5+ years of experience in application/IT security
* Strong programming background
* Experience with modern Web Application Framework (Java/Rails/.Net) required, .Net Framework 3.0 - 4.0, ASP.NET, ASP.Net MVC desirable, NHibernate, IoC based Framework, AOP Framework, Web Services (SOAP/WSDL or ReST/WADL), WCF desirable
* Knowledge of Security Flaws and its Resolution as listed in sites like OWASP, SANS, etc.
* + IT Security; CISSP and CISM Certifications; Web Application, Network and Systems infrastructure security support, IT Audit and Sarbanes-Oxley Compliance;
* Experience in secure application programming, code reviewing, and penetration testing web based application
* Experience leading implementation efforts of security initiatives and resolutions of any findings from internal or external assessments
* Experience identifying security risks and developing solutions to eliminate or minimize risks
* Knowledge of software design, software, network architecture, protocols, and standards
* Strong information security skills related to IT infrastructure and data security
* Strong knowledge of US and International regulatory requirements
* Strong knowledge of Information Security and Risk Management
* Knowledge of Payment Card and Financial Industry is a plus

QuinStreet is an equal opportunity employer. We do not discriminate on the basis of race, color, religion, national origin, pregnancy status, sex, age, marital status, disability, sexual orientation, gender identity, or any other characteristics protected by law.