Information Security Engineer – Remote Opportunity!
|Published||May 11, 2023|
When it comes to creating educational travel adventures that enrich the lives and fulfill the dreams of more than 100,000 people every year, there's no organization better than Road Scholar. What's our secret? Dedicated and talented staff who believe in our mission.About the role...The Information Security Engineer is responsible for planning, developing, implementing, and maintaining information security environment in alignment with industry standard practices, authoritative source guidance, and regulatory requirements. The ISE will have primary responsibility for several areas of information security, including, but not limited to: data security, security baselines, endpoint security, network security, security monitoring, threat intelligence, vulnerability management, Identity and Access Management (IAM), information security incident management, and resiliency. This position will work with the Associate Vice President, Information Technology to provide reporting to organizational leadership regarding the current status of the information security program at Road Scholar.This opportunity is remote within the continental United States.You will...Design and implement information security architecture and solutions that meets the organization's needs for confidentiality, integrity, and availability of information and systems.Develop technical security projects to address identified information security risks and business information security requirements.Manage the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing management with a realistic overview of risks and threats in the Road Scholar environment.Stay up-to-date with emerging security threats and vulnerabilities, and recommend appropriate countermeasures and security technologies.Integrate security requirements into system and network architecture.Participate in incident response and investigation activities and develop and maintain incident response plans.Participate in audits and assessments of the organization's security posture and ensure that any identified deficiencies are remediated in a timely and effective manner.Monitor and report on compliance with technical security policies.Communicate information security goals and new programs effectively to the Associate Vice President, Information Technology.Serve as a focal point of contact for the information security team.Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement.Implement and oversee technological upgrades, improvements and major changes to the information security environment.Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.Work with the development teams to ensure that there is a convergence of business, technical and security requirements.Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.Manage and contain information security incidents and events to protect Road Scholar IT assets, intellectual property, regulated data and the organization's reputation.You need...A Bachelor's degree in Computer Science, Information Security or equivalent work experience.4-7 years of experience in Information Security, with a focus on security architecture.Professional security management certification or be able to achieve certification within 6 months, such as Certified Information Systems Security Professional (CISSP), CISSP Architecture Concentration (CISSP-ISSAP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), SANS Global Information Assurance Certification (GIAC), or other similar credentials.Strong knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to convey information security concepts to technical and nontechnical audiences at various hierarchical levels.Experience in designing and implementing security solutions for enterprise-level organizations.Strong understanding of security technologies and protocols, including firewalls, intrusion detection/prevention systems, VPNs, encryption, and access control systems.Familiarity with regulatory requirements related to handling information, including SOX, HIPAA and Payment Card industry/Data Security Standard (PCI).Experience with vulnerability resolution best practices.Keep abreast of industry security trends and developments.Vendor relationship management - ensure that service levels and obligations are met.Excellent analytical skills, the ability to manage multiple projects under strict timelines.Road Scholar offers a remote-first work environment with the option to work at one of the local campuses as needed. Road Scholar currently has a mandate in place with regards to working on site, attending events and/or programs. Employees are required to show proof vaccination status, including the 2 COVID-19 vaccinations and thebooster.Why join the Road Scholar Team...We offer competitive compensation and excellent benefits:Medical, Dental and Vision Insurance3 weeks of Vacation TimeUp to 8 days of Sick TimeAbility to work 100% remote!Paid Holidays (11)Retirement Plan with a company match up to 5%Identity ProtectionUnlimited On-line Training thru Linkedinlearning.comLearn moreat www.roadscholar.org/careers/An Equal Opportunity EmployerRoad Scholar values and supports individual differences and strives to create an environment that contributes to the success of both the individual and the organization. As an Equal Opportunity Employer, we consider applicants for all positions without regard to race, color, religion, gender, national origin, age, sexual orientation, pregnancy, illness, marital or veteran status or disability or any other status protected by applicable law.