Information Security Engineer
- Develop and maintain BlackLine’s risk framework.
- Define effective information security standards, processes, and procedures.
- Perform security assessments and penetration tests.
- Administer security tools and technologies.
- Evaluate, recommend, and deploy security tools and technologies.
- Collect and analyze systems/application security logs.
- Monitor industry trends and threat landscape and recommend necessary controls or countermeasures.
- Ensure compliance with internal policies/standards and regulatory requirements.
- Respond to security incidents; perform forensics activities and root cause analyses.
- Perform other duties as assigned.
- 3+ years of hands-on information security experience.
- Expertise in Windows and IIS. Working knowledge of Linux/Unix (advanced Linux skills are a big plus).
- Working knowledge of network security -- thorough understanding of the OSI model and comprehensive knowledge of common protocols and services for levels 3 through 7.
- Proven track record of effectively supporting commonly-used information security tools and processes (e.g.: patch management, log management, malware management, web filtering, firewalls, proxies, APT, IDS, DLP, HIDS/NIDS, network access control, threat and vulnerability management)
- Experience supporting high-volume, high-availability web-facing environments.
- Wireless security and mobile devices management.
- Knowledge of encryption algorithms and related technologies, secure communications, SSL, PKI.
- Functional skills in at least one scripting language (e.g.: Perl, Python). Working knowledge of WMI and WSH.
- Solid knowledge of common vulnerabilities and exploitation techniques (e.g.: SQL injection, buffer overflows).
- Ability to define effective information security standards applicable to specific environments.
- Advanced written and verbal communication skills including ability to present technical subjects to non-technical audiences.
- Strong work ethics, attention to detail, and organizational skills.
- Ability to multi-task and manage priorities in a fast-paced environment.
- Ability to collaborate in a team and work independently.
- Intermediate proficiency with the Microsoft Office suite.