Senior Security Engineer (Automation I Cloud I Development)

Relx Group Philadelphia , PA 19019

Posted 2 months ago

Senior Security Engineer (Automation I Cloud I Development)

Category:

Location:

Philadelphia, Pennsylvania, United States

Further enhancement of the Elsevier CyberSec team has created the need for a talented Senior Security Engineer.

Reporting to the VP CyberSec Engineering & Incident Response, the successful candidate will be focused on security engineering and delivering solutions to help ensure the protection of Elseviers enterprise and customer facing services and assets.

The ideal candidate must be comfortable with cloud and non-cloud computing environments and should have a balanced security and technology background with strong system, network, and application security skills. He or she must be able to interpret security risks, threats and exploit intelligence into technical capabilities which may be delivered through internally developed or off the shelf products and tools. Strong candidates will possess skills working in DevOps, Agile, cloud and legacy enterprise security environments, should have prior security response or operation experience or familiarity and must be self-starters who want to be challenged.

Key Responsibilities:

  • Develop and acquire intelligence to Identify threats and acquire product risk intelligence across all product offerings.

  • Evaluate, tune and monitor telemetry to identify risks, attacks, service misuse, fraud and theft.

  • Analyze chronic network and usage pattern anomalies.

  • Understand and assist with developing metrics demonstrating anti-fraud efficacy and content theft and misuse countermeasures.

  • Work with selected resource owners to identify company IT assets that require security controls and determine appropriate security policies for identified resources.

  • Assist with reviewing existing tools, applications, and processes to help strengthen and optimize current capabilities, as well as identifying any gaps or technical solutions to further enhance the teams effectiveness.

  • Design and review security events for anomalous activity, and collaborate with respective peer groups to take appropriate action to safeguard company information assets against current and foreseen threats.

  • Assist with implementation content security programs: manage and execute assigned project deliverables; communicate to affected stakeholders including departments within the company; develop program procedures including guidelines and flow diagrams to be implemented on an ongoing basis; and develop tools or metrics that allow for the measurement of successful program implementation.

Technical Skills & Experience required:

  • 3+ years of IT Security experience with an advanced understanding of networking, web-based content delivery platforms and personal computing filesystem operation, architecture, patching and security.

  • Strong understanding of cyber security incident response procedures.

  • Must be able to analyze usage patterns and develop knowledge bases to perform advanced behavioral analytics and detect new misuse patterns.

  • Proficiency with performing endpoint virus scans and malicious software detection and removal.

  • Proficiency with performing remote system patching and client side browser security remediation.

  • Familiarization with IT / Operational Risk management workflows, ticket management and event management tools.

  • Understanding of risk assessment strategies and software.

  • Ability to identify normal and abnormal content usage patterns.

  • Knowledge of information security hardware/software.

  • Knowledge of network and security event monitoring tools.

  • Familiarity with authentication and authorization technologies, strong understand or experience with IDM highly desirable.

  • Familiarity with web content service platforms and security controls.

  • Familiarity with remote endpoint quarantine procedures and risk assessment/threat remediation.

  • Experience with network UTM/ITM or policy based malware, secure proxy and/or DLP highly desirable.

  • Excellent problem-solving experience involving international teams; prior success extracting/translating findings into alternatives/solutions; and identifying risks/impacts and schedule adjustments to facilitate management decision-making.

  • Excellent communication (verbal and written) and customer service skills. Strong interpersonal, communication, and presentation skills applicable to a wide audience including senior and executive management, customers, etc., including diction/terminology and presenting information in a concise and effective manner to clients, management, and various departments using assorted communication mediums.

  • BS Engineering/Computer Science or equivalent experience required; advanced degree preferred.

  • Licensing/certification desired (at least one of the following): CISSP, CISM, SANS, GIAC (or related), ethical hacking/penetration tester certification, and/or security risk assessment certification.

Elsevier is a global information analytics business that helps institutions and professionals progress science, advance healthcare and improve performance for the benefit of humanity. We help researchers make new discoveries, collaborate with their colleagues, and give them the knowledge they need to find funding. We help governments and universities evaluate and improve their research strategies. We help doctors save lives, providing insight for physicians to find the right clinical answers, and we support nurses and other healthcare professionals throughout their careers. Elsevier provides digital solutions and tools in the areas of strategic research management, R&D performance, clinical decision support, and professional education; including ScienceDirect, Scopus, SciVal, ClinicalKey and Sherpath. Elsevier publishes over 2,500 digitized journals, including The Lancet and Cell, more than 35,000 e-book titles and many iconic reference works, including Gray's Anatomy.

Elsevier is part of RELX Group, a global provider of information and analytics for professionals and business customers across industries. Elsevier employs over 7,000 people in more than 70 offices worldwide. We are an employer of choice, attracting and developing talented and creative people who thrive in a challenging and fast-paced environment. We offer an excellent compensation and benefits package as well as a real opportunity for career growth in a growing organization. Elsevier is an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. If a qualified individual with a disability or disabled veteran needs a reasonable accommodation to use or access our online system, that individual should please contact or .


See if you are a match!

See how well your resume matches up to this job - upload your resume now.

Find your dream job anywhere
with the LiveCareer app.
Download the
LiveCareer app and find
your dream job anywhere
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Senior Security Engineer (Automation I Cloud I Development)

Relx Group

Posted 2 months ago

VIEW JOBS 9/30/2018 12:00:00 AM 2018-12-29T00:00 Further enhancement of the Elsevier CyberSec team has created the need for a talented Senior Security Engineer. Reporting to the VP CyberSec Engineering & Incident Response, the successful candidate will be focused on security engineering and delivering solutions to help ensure the protection of Elsevier's enterprise and customer facing services and assets. The ideal candidate must be comfortable with cloud and non-cloud computing environments and should have a balanced security and technology background with strong system, network, and application security skills. He or she must be able to interpret security risks, threats and exploit intelligence into technical capabilities which may be delivered through internally developed or off the shelf products and tools. Strong candidates will possess skills working in DevOps, Agile, cloud and legacy enterprise security environments, should have prior security response or operation experience or familiarity and must be self-starters who want to be challenged. Key Responsibilities: * Develop and acquire intelligence to Identify threats and acquire product risk intelligence across all product offerings. * Evaluate, tune and monitor telemetry to identify risks, attacks, service misuse, fraud and theft. * Analyze chronic network and usage pattern anomalies. * Understand and assist with developing metrics demonstrating anti-fraud efficacy and content theft and misuse countermeasures. * Work with selected resource owners to identify company IT assets that require security controls and determine appropriate security policies for identified resources. * Assist with reviewing existing tools, applications, and processes to help strengthen and optimize current capabilities, as well as identifying any gaps or technical solutions to further enhance the team's effectiveness. * Design and review security events for anomalous activity, and collaborate with respective peer groups to take appropriate action to safeguard company information assets against current and foreseen threats. * Assist with implementation content security programs: manage and execute assigned project deliverables; communicate to affected stakeholders including departments within the company; develop program procedures including guidelines and flow diagrams to be implemented on an ongoing basis; and develop tools or metrics that allow for the measurement of successful program implementation. Technical Skills & Experience required: * 3+ years of IT Security experience with an advanced understanding of networking, web-based content delivery platforms and personal computing filesystem operation, architecture, patching and security. * Strong understanding of cyber security incident response procedures. * Must be able to analyze usage patterns and develop knowledge bases to perform advanced behavioral analytics and detect new misuse patterns. * Proficiency with performing endpoint virus scans and malicious software detection and removal. * Proficiency with performing remote system patching and client side browser security remediation. * Familiarization with IT / Operational Risk management workflows, ticket management and event management tools. * Understanding of risk assessment strategies and software. * Ability to identify normal and abnormal content usage patterns. * Knowledge of information security hardware/software. * Knowledge of network and security event monitoring tools. * Familiarity with authentication and authorization technologies, strong understand or experience with IDM highly desirable. * Familiarity with web content service platforms and security controls. * Familiarity with remote endpoint quarantine procedures and risk assessment/threat remediation. * Experience with network UTM/ITM or policy based malware, secure proxy and/or DLP highly desirable. * Excellent problem-solving experience involving international teams; prior success extracting/translating findings into alternatives/solutions; and identifying risks/impacts and schedule adjustments to facilitate management decision-making. * Excellent communication (verbal and written) and customer service skills. Strong interpersonal, communication, and presentation skills applicable to a wide audience including senior and executive management, customers, etc., including diction/terminology and presenting information in a concise and effective manner to clients, management, and various departments using assorted communication mediums. * BS Engineering/Computer Science or equivalent experience required; advanced degree preferred. * Licensing/certification desired (at least one of the following): CISSP, CISM, SANS, GIAC (or related), ethical hacking/penetration tester certification, and/or security risk assessment certification. Elsevier is a global information analytics business that helps institutions and professionals progress science, advance healthcare and improve performance for the benefit of humanity. We help researchers make new discoveries, collaborate with their colleagues, and give them the knowledge they need to find funding. We help governments and universities evaluate and improve their research strategies. We help doctors save lives, providing insight for physicians to find the right clinical answers, and we support nurses and other healthcare professionals throughout their careers. Elsevier provides digital solutions and tools in the areas of strategic research management, R&D performance, clinical decision support, and professional education; including ScienceDirect, Scopus, SciVal, ClinicalKey and Sherpath. Elsevier publishes over 2,500 digitized journals, including The Lancet and Cell, more than 35,000 e-book titles and many iconic reference works, including Gray's Anatomy. Elsevier is part of RELX Group, a global provider of information and analytics for professionals and business customers across industries. Elsevier employs over 7,000 people in more than 70 offices worldwide. We are an employer of choice, attracting and developing talented and creative people who thrive in a challenging and fast-paced environment. We offer an excellent compensation and benefits package as well as a real opportunity for career growth in a growing organization. Elsevier is an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. If a qualified individual with a disability or disabled veteran needs a reasonable accommodation to use or access our online system, that individual should please contact 1.877.734.1938 or accommodations@relx.com. Relx Group Philadelphia PA

Senior Security Engineer (Automation I Cloud I Development)

Relx Group