Sr Security Engineer
Interactions is changing the way businesses and consumers communicate by transforming frustrating experiences into productive conversations.
At Interactions, we have created an environment that is based on innovation, quick-thinking and abundant growth opportunities. Our employees are smart, hard-working and invested in the success of the company. We pride ourselves on our forward-thinking and innovation, and our ability to balance a start-up environment with a healthy work-life balance.
Working at Interactions is an opportunity to be part of the team that’s changing the way customer care is delivered.
To support our continued growth, Interactions is hiring a Sr Security Engineer. The Sr Security Engineer is responsible for the overall security of the Interactions Virtual Assistant Cloud Platform. The Sr Security Engineer will collaborate with peers in the Operations teams and with upper management to plan, implement, operate and improve the security controls for the multi-site, 24x7 infrastructure and solutions that make up the Platform. The Sr Information Security Engineer must stay current with emerging cyber threats through security bulletins, external peer groups, and information security circles. Our customers demand stringent security and privacy requirements which you will play a critical role in implementing, monitoring and maintaining.
This position demands an organized, detail-oriented team player with the ability to prioritize tasks and support multiple initiatives simultaneously; strong technical ability and excellent communication is required.
- Plan, enhance and help implement detailed risk analysis functions for the application components, underlying network/compute infrastructure and other systems.
- Work closely with the architecture teams to evaluate the security readiness of new features and functionalities in the Platform. Evaluate and implement new security best practices in keeping with the latest trends and technologies.
- Collaborate with the documentation team to improve various security and compliance related documentation.
- Responsible for improving and implementing security hardening processes for overall infrastructure security, data integrity, audit logging, patch management and documentation.
- Actively engage with our security and auditing vendors to help with PCI assessment, SOC audits and other security related functions.
- Research, evaluate and recommend third party products and vendors for various security related products, services and solutions.
- Mentor and guide other teams in the company on security best practices, security vulnerabilities and implementation/enforcement of the compensating controls.
- Proactively review, track and design various aspects of the Platform to ensure compliance to standards like PCI, HIPPA and FISMA.
- Responsible for the design/implementation of scalable security monitoring solutions and maintaining/improving the current solutions.
- Lead security incident response planning and implementing CSIRT plans.
- Assist the Sales and Solution Engineering groups with responding to RFPs and representing the company in security related discussions with prospects and customers.
- Actively engage with the Operations and Engineering teams to help drive the security related aspects of change control and management.
- Bachelor’s Degree in Computer Science, Information Technology, or equivalent technical education.
- Minimum of 10 years experience in Systems or Network Administration with the most recent 5 years in Information Security.
- Significant experience implementing and maintaining requirements for PCI, NIST, SOC (and/or similar) compliance.
- Thorough understanding of core security concepts, OWASP top 10, common protocols like TLS is a must.
- Prior knowledge of NIST security framework and SANS Critical Control documentation.
- Experience with certificate management (CA management) and key protection/management.
- Hands on experience with scripting languages (Shell/Python/Perl) and with administrative functions on Linux.
- Experience implementing SIEM and log management solutions.
- Experience implementing IDS and other proactive monitoring solutions.
- Ability to work within design teams and mentor IT colleagues.
- Excellent oral and written communication skills.
- Certifications like CISSP, SSCP, CISM or similar ones.
- A strong networking background having worked on routers, switches and firewalls.
- Familiarity with SIP and other Voice technologies is a plus.