Senior Information Security Analyst
At Deem, we create products that give employees everything they need to make better travel decisions, wherever they are. With the most intuitive, secure, and powerful travel solutions, companies save money, their employees stay connected, and everyone gets more done. That’s why more businesses are embracing Deem.
Deem is used by more than 50,000 corporate customers and plugs into the world’s largest travel management companies and expense providers. The company is headquartered in Silicon Valley, California, with offices in Bangalore, India and Dublin, Ireland.
Deem is wholly owned by Enterprise Holdings, the world’s largest car rental provider, and an industry leader in mobility and technology. Enterprise Holdings is one of the top global travel companies, ranking ahead of all other car rental companies, many airlines and most cruise lines, hotels, tour operators and online travel agencies, based on its annual revenues.
We are seeking a talented, energetic, hands on and proactive Senior Information Security Analyst to contribute towards an overall plan and operations that meets Deem's security needs.
The Senior Information Security Analyst is to ensure that the company maintains its strong security posture, compliance with regulations and safeguard our customer’s data.
- Help maintain, and oversee enforcement of policies, procedures and associated plans for system security administration and user system access based on industry-standard best practices.
- Assess need for any security reconfigurations (minor or significant) and drive them if required.
- Keep-up with current and emerging security alerts and issues.
- Play a key role in our transition into cloud, the candidate will assist in implementing /recommending security focused cloud centric solutions and setting polices accordingly (i.e. AWS, Google, Oracle or other cloud technologies).
- Assist with the monitoring of all security systems and their corresponding or associated software, including firewalls, intrusion detection systems, cryptography capabilities, and anti-virus software.
- Ensure the security of databases and data transferred both internally and externally.
- Capable of performing penetration testing our systems in order to identify system vulnerabilities.
- Analyze network vulnerably by analyzing results of Internal and External scans.
- Design, implement, and report on security system and end user activity audits.
- Monitor server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interpret activity and make recommendations for resolution.
- Recommend (where appropriate) applying fixes, security patches, any other measures required in the event of a security breach.
- Recommend / test new security software and/ or tools / technologies
- Ability to effectively prioritize and execute tasks in a high-pressure environment.
- Ability to conduct research into security issues and products as required.
- Experience conducting security assessment in DevOps environment.
- Coordinate information protection effort to comply with industry standard audits including (SSAE-18, PCI, ISO).
- 5+ years in a similar position, or experience in the security field.
- Industry-standard certification, CISSP, CISA or equivalent a plus.
- Familiarity with network equipment and software’s such as switches, IDS/IPS, DIP, Firewalls, VPN, SIEM, WAF, Endpoint security along with a variety of assessment tools.
- Understanding of network and platform operating systems.
- Understanding of TCP/IP and network administration/protocols.
- Understanding of cloud environment in general with a security focus.
- Working knowledge of ISO, PCI and SOC.
- Able to perform penetration tests and collaborating with Engineering a plus.
- Understanding of web security threats (XSS, code injection, etc.).
- Capable of running, analyzing and recommending solutions based on internal/external network scans as part of vulnerability management program.
- Intuition and keen instincts to preempt attacks.
- High level of analytical and problem-solving abilities.
- Strong written, oral and interpersonal communication skills.