TeleSign is looking to hire a Senior Security Engineer to oversee all aspects of TeleSign’s security practice. The individual will be instrumental in overseeing the evolution of the current security practice and ensuring its alignment with the ISO/IEC 27002:2013 Information Security standard via an ISMS framework. The role will report into the TeleSign Operations organization which includes systems administration, network engineering and database administration, but will also work extensively with all Engineering organizations, including Program Management, Development and Quality Assurance.
In addition to the working relationship within Engineering, relationships with other TeleSign organizations including, Human Resources, Product Management and Sales are anticipated. The candidate will work with contracted 3rd party security consultants to conduct gap analysis and document action plans resulting from these security audits. Interfacing with TeleSign’s executive management team to represent the importance of TeleSign’s security initiatives and participate in key strategic activities can be anticipated. The role will act as TeleSign’s face of security to vendors, customers and others as needed.
The scope of the security practice includes all physical TeleSign locations including headquarters (Marina del Rey), Belgrade, Serbia (TeleSign Mobile), and satellite sales offices in the US, UK, Asia-Pacific and Latin America.
- Support the alignment of TeleSign security practices to ISO/IEC 27002:2013.
- Manage administer a security roadmap of projects and integrate those into TeleSign’s services and infrastructure.
- Provide leadership in the areas of information classification, data protection, risk assessment and standardizing of role based permissions based on business and organizational needs; lead on SOC engineering efforts like design and develop correlation rules/policies on SIEM platform.
- Work closely with other operations staff, engineering development and client services to ensure TeleSign’s services are secure and available 24 x 7, additionally includes.
- Working with System Administrators to ensure all servers have required security baselines, maintain proper patch management, anti-virus, and other threat protection actions.
- Working with Network Engineers to assist in the installation, configuration, testing and management of network devices and ensure overall system and network security.
- Working with Application engineers and developers to ensure that all applications are secure.
- Develop, review and maintain ISO/IEC 27001:2013 process documentation in support of the ISMS.
- Provide expert analysis of as-built security and peer review of proposed changes to security.
- Work with HR on insuring corporate on-boarding/off-boarding of employees/contractors follow security best practices, improve security policies and employee handbooks.
- Support sales engineering to respond to proposed/current customer security questionnaires.
- Work with contracted 3rd party security providers to enplaning current security practices, relate future plans and identify further improvements.
- Handle incident management and response responsibilities be leading and delegating when necessary, including documenting processes, writing incident post mortems including recovery actions and lessons learned.
- Ensure accurate asset inventory is maintained.
- CISSP required.
- 5 years IT experience in an enterprise environment supporting Linux, Windows Microsoft SQL, MySQL server environments.
- Experience implementing, supporting or auditing ISO/IEC 27001:2005 compliance strongly preferred.
- Experience with Network Intrusion Detection Systems (NIDS), Host-Based Intrusion Detection Systems (HIDS) products, and Endpoint Detection and Response (EDR) platforms
- Experience with network vulnerability scanners such as Tenable or other vulnerability scanners.
- Experience with Security Information & Event Management (SIEM).
- Must have installed and configured servers running Windows 2008/2012 delivering 24 x 7 services.
- Hands-on experience implementing and supporting highly available, redundant security solutions.
- Working knowledge of LAN/WAN infrastructures.
- Knowledge of monitoring/alerting systems such as Icinga, SolarWinds or like systems.
- Must be able to support off-hours on-call for operational incidents involving security.
- Strong problem solving & troubleshooting skills including ability to perform root cause analysis for preventative analysis.
- Capable of independently solving simple to moderately complex problems.
- Excellent verbal and written communication skills including mentoring engineering staff members, supporting TeleSign executive staff and customer facing security communications.
- Demonstrated ability to work effectively with all levels of operations and engineering staff, clients services.
- Strong organizational skills and the ability to manage a diversified workload.
- Familiarity with Atlassian products such as JIRA & Confluence.
- Demonstrated ability to write to update tickets with status and communicate daily /weekly status.
- Use of Microsoft Visio and SharePoint to effectively document and maintain system documentation.
- Some domestic & international travel will be required.
Nice to have
- Previous security role within cloud based service.
- Experience in a fast moving, agile development based environment, preferably SaaS or cloud delivering based product offerings.
- Familiarity with voice telecom and SMS messaging terminology.
We are offering
- Good compensation – Competitive € salary plus benefits package.
- Development opportunities.
- Challenging but also a friendly working environment.
TeleSign connects and protects online experiences with sophisticated customer identity and engagement solutions. Through APIs that deliver user verification, data insights, and communications we solve today’s unique customer challenges by bridging businesses to the complex world of global telecommunications.
TeleSign is proud to be an equal opportunity employer. We believe our differences help us create a better workplace, a better product, and a better community. We do not discriminate on the basis of race, color, ancestry, religion, national origin, marital status, pregnancy, sex, sexual orientation, gender, gender identity or expression, age, genetic information, disability, military or veteran status, or any other basis protected by federal, state or local law, ordinance or regulation.
TeleSign is an Affirmative Action Employer and as part of the commitment to AAP, it will seek to ensure affirmative action to provide equality of opportunity in all aspects of employment, and that all personnel activities, such as the recruitment selection, training, compensation, benefits, discipline, promotion, transfer, layoff and termination processes remain free of illegal discrimination and harassment based on protected characteristics.
Join our team, send your application in English language electronically.
Only short listed candidates will be contacted.
All applications will be handled with absolute confidentiality.