Information Security Specialist
Hearst Magazines
Center Valley, PAThis was removed by the employer on 3/9/2020 2:12:00 PM PST
Not to worry we have many other jobs on the site;
Browse all jobs
Browse the IS/IT Category
Search for Information Security Specialist jobs in Center Valley-PA
Search all Information Security Specialist postings
Full Time Job
Hearst Magazine Media is in search of highly motivated and security focused technology professional to join our exciting and dynamic organization as an
Information
Security Specialist. This newly created role will lead the charge of securing the network and infrastructure of Hearst Magazine Media systems, including Hearst Magazines' content and consumer platform (MediaOS) and the magazine publisher systems within CDS Global. They will also be responsible for ensuring compliance with all applicable guidelines.
The
Information
Security Specialist will partner with teams throughout the organization to create and enforce guidelines and practices that elevate the security posture of Hearst Magazine Media to the highest level possible. A successful candidate will leverage an extensive set of technical and soft skills to execute on this vision. They will also be able to demonstrate a history of resolving complex problems within tight time constraints.
Responsibilities:
• Utilize security expertise to provide direction for Hearst Magazine Media's near and long term strategic IT initiatives
• Leverage available tools to actively analyze systems to identify security weaknesses, recommend steps to remediate vulnerabilities and ensure recommendations are implemented
• Partner with corporate security colleagues to evolve the incident response policy, disaster recovery and business continuity plan and perform related tests of controls
• Coordinate with external auditors to facilitate periodic reviews of IT infrastructure and controls, including aiding in the remediation of identified deficiencies
• Primary author and contributor of updates and enhancements to IT security policies and procedures
• Perform security focused assessments of planned and implemented cloud environments
• Participate in security incident responses and escalations and provide remediation support and clear communication to leadership
Requirements:
• 5 years of experience working in security focused positions in large enterprise environments with business-critical systems
• Bachelor's degree in Computer Science or comparable work experience
• Strong experience assessing and securing user facing services like web pages, payment gateways and API end points
• Experience working directly with auditors on compliance related initiatives
• Experience creating, communicating and enforcing a companywide security program
• In-depth knowledge of compliance standards (PCI DSS, Sox, DPA) and IS standards (ISO
27001, BS25999, ISO 20000, OWASP)
• Experiencing using available tools to perform penetration testing and security assessments of network infrastructure and applications
• Excellent written and verbal communication skills with the ability to address colleagues with varying levels of technical expertise
Desired:
• Advanced understanding of Privileged Identity and Access Management with implementation experience
• Ability to architect and implement secure and scalable network and cloud infrastructures
• Experience configuring and managing endpoint protection solutions
• Expertise with security vulnerabilities, remediation techniques and network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, etc.)
• Experience analyzing event data for malicious activity and identifying tactics and techniques used by attackers
• Experience performing static and dynamic code scans as part of a streamlined CI/CD workflow