Job Description
You will be part of Denodo’s Security team, which is responsible for managing security compliance, as well as, respond to customers' and third parties' security requirements. Besides, the Security team provides design, deployment & support for security systems, services, and requirements in all Denodo locations.
The ideal candidate will be a security compliance professional with an optional technical background. We are willing to consider candidates that have a serious desire to enter the security profession and would enjoy jumping into a challenging position on the cutting edge of security operations. As a Security Engineer, you will be responsible for managing the policies, procedures, and controls to ensure that the corporation meets and maintains compliance with general security standards. Additionally, the candidate will be enhancing the corporate security and detection capabilities to catch advanced threats, appraising threat actors, building advanced correlation use cases, and reporting. The candidate will improve global corporate security by defining, selecting, deploying, and operating new security platforms.
DUTIES & RESPONSIBILITIES.
- Presales & Customer Communication
- Respond to security sections on Request for Proposals (RFP), Requests for Information (RFI), Proof of Concept (POC), assessments, review security contract clauses, and perform vendor assessments from our customers
- ISO Audit and Compliance
- Managing the Denodo Information Security Management System (ISMS) according to the ISO/IEC 27001:2013 certification processes including the Information Security policies, procedures, guidelines and audit
- Participation in the risk analysis process in the role of a technical expert
- Collaborate with the business teams and staff at all levels to promote the Information Security agenda
- Develop and manage the continuous improvement of security controls
- Develop and perform a vendor assessment to our suppliers
- Update process documentation and team portals
- Support auditors and provide articles of evidence as needed, review audit reports, implement or support the implementation of necessary remediations
- Build, Communicate and Secure Internal Systems
- Ensure that security policy and security standards are implemented and adhered to while also managing exceptions
- Stay abreast of current and future security risks and adapt mitigations and controls accordingly
- Raising user awareness in technological areas
- Implement and support the deployment of new security technologies, both software and hardware, across the company including both Cloud and on-site solutions for the protection of the organization based on the latest threats
- Provide operational incident support across a set of assigned technologies
- Implement requested changes, updates, and improvements to the global security infrastructure including minor updates, report development, access provisioning, implementation of major upgrades, as well as alert tuning and development
- Assist Information Asset Owners and other company teams to define and implement appropriate security recommendations
- Security Operations
- Involved in security breaches and threats, issue handling, and investigate violations when they occur
- Implementation of technical safety measures
- Maintenance of Information and Communication Technology (ICT) infrastructure and resources related to support the ISMS
- Supervision of access rights to the Denodo’s corporate resources
- Support of users in security related topics and incidents
- Communicate with peers and managers regarding security issues
- Participate in 24x7 on-call
- Willing to work on a flexible schedule when necessary (working outside of normal business hours, holidays, and some weekends)