Experience:
• Security primitives (encryption, signing, modern algorithms)
• Best practices in security, including encryption of data at rest and in motion
• Knowledge of industry standards concerning data security including SSAE and SAS 70 compliance, and SOC 1, 2, and 3
• Strong hands-on experience and knowledge implementing HIPAA/HITECH standards and requirements concerning PHI/PII
• Experience with Amazon Web Services and related technologies
• Specific knowledge of security in AWS
• Familiarity with version control (i.e. git and Subversion)
• Familiarity w/ Agile process or experience working in cross-functional teams
• Ability to review and comprehend code written by other programmers and testers (primarily in Java, JavaScript, SQL, Salesforce, or Python would be a plus)
• Working knowledge of SQL or NoSQL databases
Description:
Position Objective:
This position requires an experienced Senior Security Engineer to develop and maintain appropriate security policies, procedures, and implementations of security primitives (such as PHI on AWS and data security and encryption on file servers) for Freelancers Union and its subsidiaries. The Senior Security Engineer will be responsible for securing sensitive data over a broad range of file and database systems and architectures. In addition, they will be expected to direct the efforts of other engineers and drive overall security strategy.
Job Requirements:
• Design and drive overall security strategy for the organization
• Act as a mentor to other engineers in best practices concerning security and encryption
• Design and implement policies and procedures to secure current and future infrastructure, data, and applications
• Monitor new development to ensure compliance with established policies and procedures
Responsibilities
• Design and maintain security policies 10%
• Mentoring/oversight of other engineers 20%
• Technology implementation to support policy 40%
• Software security testing/validation 30%
Competencies/Skills:
• Must be customer focused and able to work in a collaborative environment
• Must be capable of working in a fast-moving and agile environment
• Must understand the importance of building right-sized technology solutions
• Must be able to match security objectives with business realities
• Must be able to align technology with the organizational goals and objectives
• Must be able to work with business analysts to discuss and learn requirements
• Must have strong communication skills
• Must be self-motivated and proactive
• Must have strong time management, prioritization and scheduling skills
• Must be able to foresee risks, and communicate appropriately