AnkenyRecruiter Since 2001
the smart solution for Ankeny jobs

Information Security Operations Engineer

Company: Meredith Corporation
Location: Des Moines
Posted on: November 14, 2019

Job Description:

JOB DESCRIPTION

JOB SUMMARY - Major goals and objectives.

The Information Security Operations Engineer position helps protect Meredith brands and Meredith client brands against various security risks and attack methods. This individual is a member of the Meredith IT Security team and works cross-functionality to respond to threats that may arise against our technology and application resources.

ESSENTIAL JOB FUNCTIONS

50%:

Incident Response-Blue Team:

Defend, monitor and respond to security indicators by correlating and analyzing a variety of application, network and host-based security logs across various computing environments (on-premise, cloud, SaaS, etc.) and determine the correct remediation actions and escalation paths for each incident. Configure, implement, and optimize security protection and detection capabilities such as vulnerability scanning, configuration compliance scanning, firewall reviews, intrusion prevention/detection systems, internet protection and log management infrastructure. Appropriately instrument systems and applications to detect and alert on attacks, and coordinate with security tools and automation to implement automation for detection, escalation and remediation. Perform risk analysis of vulnerabilities and threats and evaluate efficiency of existing protection and detection mechanisms. Evaluate new and emerging technologies for appropriateness, fit, and functionality with our current technologies, and the strategic plan. Use experience and knowledge from attacks to work with our infrastructure and applications teams to reduce the attack surface and harden configurations, architectures and data storage structures. Design, develop and implement automated incident response methodologies. Conduct incident response exercises and cyber defense drills to evaluate and improve processes related to threat detection, incident response, patching and remediation. Provide information regarding intrusion events, security incidents, and other threat indications and warning information to teams and leadership as part of incident response. Author post mortem reports to be provided to senior leadership following an intrusion or red team engagement. Creates and maintains a working relationship with business partners, IT teams, local and federal officials and vendors.

20%:

Threat Analysis:

Perform threat hunting exercises using threat intelligence, analysis of anomalous log data and results of historical events and data to detect and respond to threats. Maintain awareness of new and emerging security threats. Develop anomaly detection dashboards and reports to identify potential threats, suspicious activity and intrusions. Research industry trends, identify ongoing security threats, analyze new security testing tools, and provide recommendations on the need and usefulness of services and/or products. Gather threat intelligence and build, optimize, and develop systems for effective and efficient security response. Consult and provide risk management recommendations with cost analysis based on environment. Develop and design technical recommendations and execute remediation and mitigation strategies.

15%:

Security and Compliance Operations:

Performs daily operations and execution of security-related tools, processes and controls related to security prevention and defense initiatives. Supports solutions such as network proxies, intrusion detection/prevention systems, remote access, multi-factor authentication, security event monitoring, infrastructure and system hardening, patch deployment and vulnerability management. Help coordinate and drive remediation of identified risks and control deficiencies. Serves as technical and functional subject matter expert across multiple security domains, raising awareness and communicating security risks within the company. Help lead incident response and technical investigations, as assigned.

15%:

Customer Service:

Provide prompt, courteous and professional customer service, and collaborate with business and technology staff to support Meredith Corporation objectives. Serves as technical and functional subject matter expert across multiple security domains, raising awareness and communicating security risks within the company. Supports projects to ensure they are delivering on time, cost effective solutions that meet security and functional specifications. Effectively communicate security concepts with both technical and non-technical individuals.

MINIMUM QUALIFICATIONS AND JOB REQUIREMENTS - All must be met to be considered.

Education:

Bachelor s Degree in Information Assurance, Computer Science, Engineering or equivalent education and experience.

Industry certification such as CISSP, CASP, GCIA, GCIH, GPEN, GCFA, CEH, CISA, CISM is a plus.

Experience:

Five or more years of experience in Information Security and two years experience as a member of a Security Operations Center (SOC) or investigating security incidents.

Specific Knowledge, Skills and Abilities:

* Working knowledge of IT environments including IT secure architecture, security technologies, security industry trends and direction, system and technology integration, audits, internet security, computer crimes and IT standards, procedures and policies.

* Highly experienced working on Information Security Incidents, investigation, containment and remediation.

* Experienced working within a fast-paced incident response team with knowledge of log correlation, forensics, security vulnerabilities and exploits.

* Experienced deploying security solutions, architecting detection and response solution to mature capabilities.

* Deep understanding of threats, threat actors, and indicator of compromise.

* Experienced with maturing strategic and tactical aspects of the Threat Intelligence program.

* Knowledge of the chain of custody process and properly securing evidence.

* Understanding of OWASP top 10, SANS top 25, and other attack vectors.

* Proficient with various scripting and programming languages.

* Proficient with identification and remediation of security vulnerabilities.

* Experience performing web application security/penetration testing in accordance with well-known methodologies.

* Basic knowledge of IT audit and control, governance, asset management, software licensing, product and vendor evaluation, and training delivery.

* Working knowledge of IT systems management including change control, software process improvement, and technical writing/documentation.

* Experience with regulatory requirements related to SOX, Privacy legislation and PCI.

* Working proficiency of various technology tools.

* Ability to work cooperatively and professionally with co-workers, customers and management.

* Strong verbal and written communication skills in order to interact effectively at all levels of the organization.

* Self-motivated and passionate about continuous improvement of security and development practices.

* Problem-solving skills to determine the programming effects on existing systems.

* Good decision-making skills.

% Travel Required (Approximate): Less than 5%

It is the policy of Meredith to provide equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by federal, state or local law. In addition, Meredith will provide reasonable accommodations for qualified individuals with disabilities.

Meredith participates in the federal E-Verify program to confirm the identity and employment authorization of all newly hired employees. For further information about the E-Verify program, please click here: http://www.uscis.gov/e-verify/employees

#CORP#

Keywords: Meredith Corporation, Ankeny , Information Security Operations Engineer, Engineering , Des Moines, Iowa

Click here to apply!

Didn't find what you're looking for? Search again!

I'm looking for
in category
within


Other Engineering Jobs


Sales Engineer Business Development
Description: Position Title: Sales Engineer Business Development / Equipment Division br PRIMARY PURPOSE AND FUNCTION: Assist with sales profitability, growth and account penetration within an assigned territory (more...)
Company: CLEAR Air Enviro-Services
Location: Des Moines
Posted on: 12/8/2019

Project Engineer
Description: McGough is a respected partner that brings six generations of experience to high profile, unique and complex construction projects. We take great pride in our people and their extraordinary expertise (more...)
Company: McGough Construction Co., Inc.
Location: Ankeny
Posted on: 12/11/2019

Platform Support Engineer
Description: Platform Support Engineer Description at Wells FargoSkip to Main Content About Us About Us Overview Who We Are: Overview Vision, Values, and Goals Overview Corporate Social Responsibility Diversity Overview (more...)
Company: Wells Fargo Bank
Location: West Des Moines
Posted on: 12/11/2019


QA Engineer-Accounts Payable
Description: SunIRef:Manu:title QA Engineer-Accounts Payable Hy-Vee 4,540 reviews - West Des Moines, IA 50266 Hy-Vee 4,540 reviews Read what people are saying about working here. QA Engineer - Accounts Payable We're (more...)
Company: Hy-Vee
Location: West Des Moines
Posted on: 12/8/2019

Info Security Engineer 4
Description: Info Security Engineer 4 Description at Wells FargoSkip to Main Content About Us About Us Overview Who We Are: Overview Vision, Values, and Goals Overview Corporate Social Responsibility Diversity Overview (more...)
Company: Wells Fargo Bank
Location: West Des Moines
Posted on: 12/11/2019

Sales Engineer
Description: J W Instruments, an Instrumentation and Process Control Distributor and Service organization located in New Brighto, Minnesota is currently seeking qualified candidates
Company: J&W INSTRUMENTS INC.
Location: Des Moines
Posted on: 12/7/2019

Appliance Repair Service Technician
Description: HOURLY PAY UNCAPPED COMMISSION SIGN-ON BONUS TOP PERFORMERS CLUB TRIP WORK REMOTE NO WORK ON SUNDAYS AND NEVER ON CALL Sears Home Services have immediate openings for Appliance Repair AND Refrigeration (more...)
Company: Sears Holdings
Location: Des Moines
Posted on: 12/11/2019

Network Engineer 6- Distributed Performance Engineer
Description: Network Engineer 6- Distributed Performance Engineer Description at Wells FargoSkip to Main Content About Us About Us Overview Who We Are: Overview Vision, Values, and Goals Overview Corporate Social (more...)
Company: Wells Fargo Bank
Location: West Des Moines
Posted on: 12/6/2019

Mobile Trailer Techs - Diesel Mechanics
Description: Responsibilities: br br br Inspect, test, and listen to defective equipment to diagnose malfunctions or damage br Perform all mechanical repairs, maintenance, overhauls, and rebuilds of heavy-duty (more...)
Company: Midwest Peterbilt Group
Location: Des Moines
Posted on: 12/6/2019

Application Support Engineer /ASE 4
Description: SunIRef:Manu:title Application Support Engineer /ASE 4 Wells Fargo 36,648 reviews - West Des Moines, IA 50265 Wells Fargo 36,648 reviews Read what people are saying about working here. Overview: Wells (more...)
Company: Wells Fargo
Location: West Des Moines
Posted on: 12/7/2019

Log In or Create An Account

Get the latest Iowa jobs by following @recnetIA on Twitter!

Ankeny RSS job feeds