Job Description
Client: Burbank, CA
Work location: 100% remote but support based on Pacific time
Duration of Assignment: 18 months
W2 Only Position
Job Requirements:
Application Security:
• Partner with the Application & Security Architect(s) to drive adoption of “Security by Design” principles for all new services and projects, while assessing and driving security enhancements across existing solutions.
• Develop and implement comprehensive security best practices across the application portfolio.
Information Security:
• Direct and support embedded, industry-focused Security and Compliance activities throughout the organization
• Liaise with Global InfoSec to streamline and standardize SecOps procedures
• Consolidate and create action plans with GIS based on WE feedback on SecOps process improvement opportunities
• Ensure leadership remains fully informed of the status of all vulnerability assessment and security remediation activities pertaining to our products and services
Compliance:
• Act as the liaison to Security Architecture on all risk assessment activities; partner with application teams on remediation efforts
• Understand established governance policies and procedures and ensure the company is operating according to ISPS standards
• Proactively audit and report on the compliance status of products and services
• Act as the organization’s primary advocate on governance policy, and lead policy refinement efforts
• Liaise with Management Audit to streamline procedures and standardize on terminology definitions
• Serve as a consulting partner during Audits
Data Privacy:
• Liaise with Legal and Privacy teams to stay ahead of the ever-changing global data privacy landscape
• Ensure our organization is prepared and able to comply with all privacy regulations
• Proactively audit and report on our org’s adherence to global data privacy regulations
Data Management and Retention:
• Ensure that all data owners that consume our org’s services clearly articulate data retention requirements to their respective data custodians
• Ensure that all data custodians (service owners) are prepared and are complying with data owner retention requirements
• Proactively audit and report on our org’s adherence to our data retention requirements
Qualifications:
• 3+ years in IT security in an environment of similar size/complexity
• 3+ years operating in an application development environment, with emphasis in agile development
• 3+ years in compliance management within a regulated environment (SOX, GDPR, HIPAA)
• Must have expert knowledge of information security components, principles, practices, and procedures.
• Experience with industry and regulatory requirements (i.e., SOX, GDPR, HIPAA)
• Must have strong knowledge of web application, infrastructure, and internet security along with a general understanding of common operating systems, networking protocols, database, and application development.
• In previous roles, the right candidate has hands-on experience in a wide variety of technology concepts and products, including but not limited to:
• Security (Pentesting, Audits, SOC reports, SSAEs)
• IP Networking (Routers, Firewalls, Multicasting)
• Operating Systems (Linux, Windows, Mac OS)
• Hosting Providers (AWS, Google Compute, MS Azure)
• Apps and Platforms (O365, 2FA – Okta, Azure, Citrix, SCCM, Jamf, Active Directory GSuite)
• Experience in Secure Software development, with experience in a Continuous Integration / Continuous Deployment / DevOps environment is preferred
• Knowledge of SAP Security, Identity and Access Management a plus
• Certification a plus: - CISSP, CISM, CISA or equivalent
Required Education:
· BS degree or equivalent work experience
Company Description
TenTek has been in business since 1989, and is recognized as a leading staffing provider of tech professionals to a growing client base.