Senior Information Security Engineer
Location Options: Position can sit in New York, NY near Penn Station OR *Just a 25 minute train ride from Grand Central to Yonkers, NY (Partial Remote Work Available for Yonkers location)
A division of IAC (Nasdaq: IAC), Ask Applications is one of the world's largest distributors of desktop applications, browser extensions, and PC optimization software. Our mission is simple: build cool software that makes life easier in just a few clicks. Our extensive portfolio includes hundreds of lifestyle, entertainment, and utility apps such as FromDoctoPDF and MapsGalaxy, that serve more than 120 million monthly active users worldwide.
Ask Applications and the Mosaic Group is seeking a Senior Information Security Engineer to join our security team and further the development of enterprise security. Reporting to the Director of Information Security, the Senior Information Security Engineer will work with business and technical teams to identify and remediate vulnerabilities, implement security tools, improve user awareness and training, as well as assist in incident response planning. This individual will help develop security programs and policies, identify and implement appropriate technical solutions and assist in the hands-on operation of security related systems. Expectations of this role include: subject matter expertise in the implementation of security systems, participating in the development of policies, procedures, and documentation, and providing a platform for consistency across all of our businesses.
* Assist in the development and execution of security projects
* Lead security product selection & implementation efforts
* Develop operational procedures for security tools (vulnerability scanning, SIEM)
* Provide hands-on technical assistance to teams during the implementation of security tools
* Conduct security testing efforts across the company; track remediation and report findings
* Work with team members to implement new and refine existing security procedures
* Work with vendors to perform security audits ensuring they meet industry standards
* Monitor threat landscape for emerging threats; communicate threat information to the business
* Participate in security response efforts including off-hours
Requirements and Skills:
* Expert knowledge of the following security tools and technologies:
* Vulnerability Assessment (Rapid7, Qualys, Retina CS)
* SIEM (Arcsight, QRadar, Splunk, ELK/Kibana)
* Next Gen Firewall (Palo Alto, Juniper)
* Endpoint Security (CarbonBlack, Palo Alto Traps, Cylance)
* Web Application Security (AWS WAF, F5 ASM, CloudFlare WAF)
* Knowledge of OS Security (Linux, Windows and Mac)
* Knowledge of authentication systems (LDAP, Kerberos, SAML)
* Knowledge of web application security concepts, OWASP Top 10, HTTPS
* Working knowledge of static and dynamic code analysis
* Understanding of compliance (SOX, PCI) and its influence on security technologies
* Software development or scripting knowledge is preferred.
* Excellent organizational and time management skills
* Excellent communication skills
* Ability to tactfully communicate and achieve results across team boundaries
* Ability to work and manage time independently
* Ability to convey a strong presence and professional image
* Ability to confidently work in a highly complex technical environment
* Ability to resolve ambiguity and take decisive action
* 5+ years IT Security experience
* Bachelor degree in Computer Science/Engineering or equivalent work experience
* CISSP, CCSP, SSCP, CEH or other security certifications are preferred
Why Ask Applications?
* A fun working environment with a lot of perks including but not limited to:
* Unlimited PTO!
* Free Parking!
* Company Contribution towards Commuter Benefits!
* Fully stocked kitchen!
* Fitness, yoga, and massages!
* Environment where you can mentor and learn from others.
"We're improving YOUR digital landscape, by intense collaboration"
Spend a few minutes with our amazing people and you'll see why they commute up to Yonkers, NY! This is Ask Applications: unscripted, unfiltered, in all of our quirkiness and Ping Pong-ing intensity. We love what we do, and how we do it. Check out what makes us unique and get a taste of what it's like to build a career here! https://www.youtube.com/watch?v=6LESnUOvl8c