Information Security Engineer
HomeAdvisor and our sister company, Angie’s List, are among the largest Homeservices marketplace in the nation. Part of ANGI Homeservices (ANGI), we connect millions of homeowners across the globe with home service professionals through our innovative and user-friendly products. ANGI Homeservices operates 10 brands in eight countries, and is headquartered in Golden, Colo.
Who we are looking for:
Incumbent serves as an Information Security Engineer, responsible for coordination of IT security efforts to reduce risks, respond to incidents and limit exposer to liability and risk with regard to IT systems, networks and applications. This position utilizes strong policy and process knowledge as well as skills and expertise with a variety of technologies, particularly cloud technologies. It also involves interaction with numerous other departments and business functions.
What you will do:
- Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
- Write, maintain, and update security automation scripts.
- Provide leadership in the threat and vulnerability assessment process
- Engage across IT and the business to ensure an understanding of the importance of information security to protect Angie’s List data and technology assets
- Partner with assurance/audit/compliance/privacy and legal teams
- Stay abreast of and recommend new information security technology(ies) as well as risk management practices to facilitate business initiatives
- Works with Infrastructure Architecture and Operations personnel to ensure secure deployment/remediation of environments.
- Research, recommend and implement changes to standards and procedures to enhance systems security
- Supports audit efforts related to information security
- Conduct Risk & Vulnerability Assessments.
- Oversees and maintains internal security systems such as IDS/IPS, SIEM, VPN, and vulnerability scanners
- Recommends and implements new tool sets and practices with regards to information security
- Serve as the information security subject matter expert for the Incident Response team and investigate any possible incidents impacting the company
- Maintain awareness of trends in security regulatory, technology, and operational requirements
- Perform other related duties as assigned
What you will have:
- Minimum of 3+ years’ experience in Information Security.
- Familiarity with regulatory and legal requirements (e.g., SOX, PCI)
- Familiarity with common Web Application Security risks (e.g., Cross Site Scripting, SQL Injection, Authentication and Session Management)
- Professional certifications preferred (e.g., CISSP, CEH, CCSP, etc.)
- Knowledge of security & risk frameworks, standards, and best practices (i.e. PCI, ISO, ITIL)
- Knowledge of and implementation experience with security technologies and architecture, including encryption, network security, firewall configuration, intrusion detection, data loss prevention and application security
- Experience in vulnerability management, including testing, scanning, and patching
- Experience conducting and mitigating security/risk assessments Strong analytical skills and attention to detail
- Excellent time management skills, and the ability to prioritize and multi-task
- Ability to work efficiently and independently with minimal supervision (i.e. self-motivated and willing to stretch to meet important deadlines)
- Ability to work successfully in a cross-functional team environment.
- Hands-on Networking and Systems Administration experience with Windows, Linux, Unix
We're eager to tell you more about the projects you'll be working on, and hear more about your background. If you're interested in a career with us, we'd love to talk. If you have questions about any of our roles, talk with one of our Recruiters by signing up for our next chat: http://www.abouthomeadvisor.com/talk-to-us/