1+ months

Position Job Duty:

To improve application, system, and network security visibility and validation, responding to events as necessary within required timeframes.

Position Summary:

This is an operational role that requires hands-on experience. Information Security Engineers may be called on to engage in a team effort together with other E&IT departments and non-IT business units. The duties require the consistent exercise of judgment and discretion, ability to work with limited supervision regarding technical issues and the ability to collaborate in technical efforts of a team to meet security project goals.

Required Knowledge, Skills, and Abilities (KSAs):

  • Working on problems involving enterprise security risks with minimal supervision.
  • Perform as a Subject Matter Expert in the realm of Information Security with cross-functional teams in the organization.
  • Document, and assist in providing security advisories for staff
  • Co-authoring information security policies and defining procedures to implement industry best practices.
  • Participating in projects to identify security issues proactively through analysis of network traffic, software and hardware testing, log review and consultation with users.
  • Conduct or collaborate on forensic examinations of digital records, logs, and other data.
  • Working with various corporate security systems
  • Work with IT End User Support staff in analyzing security-related events to assist with escalation decisions.
  • Participate in or coordinate security monitoring and incident response for ICANN systems.
  • Coordinate with vendors and external security teams to address security issues for external IT services and systems.
  • Evaluate the impact to the organization of current security advisories, publications, and trends.
  • Apply automation to simplify routine tasks.
  • Perform security reviews and provide insights throughout all phases of software development.
  • Proficiency in developing clear, concise and easy to follow documentation for security operations related procedures.
  • Scripting/programming skills such as shell scripting, Python, Perl.
  • Systems operation and administration experience with Linux, Windows Server, VMware and/or container
  • Incident Response
    • Respond to security events on a 24/7 basis if necessary
    • Collect, analyze and archive electronic and written records, digital media, notes, and other evidence
    • Identify ways ICANN can learn from security events and avoid repeat events
  • Subject Matter Expertise in at least 2 of the following areas, with the capability to acquire expertise in all:
    • Identity Management
      • Authentication and Authorization
      • User Behaviour Analytics
    • Data Security
      • OS Security Hardening (Windows, Linux, MacOS, iOS)
      • Knowledge (or the capacity to quickly gain knowledge) of encryption theory and practice (e.g. TLS, HMAC, RSA, AES, PKI)
    • Network Security Monitoring
      • Log Management (SEIM)
      • IDS/IPS
      • Packet Capture Dissection
    • Web Application Security
      • Attack Techniques
      • Secure Coding Practices
      • Common Vulnerabilities and Mitigation
    • Vulnerability Detection and Management
      • Manual Attack / Defense Techniques
      • Automated Scanning
      • Passive Network Detection
    • Threat Modeling and Security Controls
      • DREAD
      • STRIDE
      • NIST CSF
    • Data Security/Privacy Practices
      • Anonymization methods
      • Tokenization methods
      • Masking methods
  • Other duties as assigned or requested
  • Able to travel internationally if requested

Desired Education and Experience Requirements

  • Bachelor's degree in Computer Science or IT or equivalent training and experience in Computer Science, Information Technology, with 3 - 5 years of related experience.
  • Professional certifications in Information Security, such as SANS GIAC certs or similar.
  • 3 - 5 years of overall IT operational experience including, ideally, at least two years of security-related projects.
  • Strong written and verbal communication skills in English.

Categories

Industry

  • Information Technology
Posted: 2019-02-20 Expires: 2019-04-20

ICANN

The global Internet community working together to promote the stability and integrity of the Internet.

As a private-public partnership, ICANN is dedicated to preserving the operational stability of the Internet; to promoting competition; to achieving broad representation of global Internet communities; and to developing policy appropriate to its mission through bottom-up, consensus-based processes.

Featured Jobs

Career News

Before you go...

Our free job seeker tools include alerts for new jobs, saving your favorites, optimized job matching, and more! Just enter your email below.

Share this job:

Information Security Engineer

ICANN - Internet Corporation for Assigned Names and Numbers
Singapore

Join us to start saving your Favorite Jobs!

Sign In Create Account
Powered ByCareerCast