JUNIOR INFORMATION SECURITY ENGINEER
ABOUT THE COMPANY
Brainshark was founded in 1999 with one vision: to transform the way business people create and share content. From this vision, the Brainshark platform was born – enabling the average business person with only basic tools, like PowerPoint and the phone, to create high-impact video presentations that help lower costs and drive business value. Before the ideas of user-generated content, software-as-a-service and online video became standard practice, Brainshark was already pioneering these concepts to enhance business communications. Today, Brainshark helps thousands of companies around the world improve productivity with cloud-based business presentation solutions for sales, marketing and training.
We’re delivering cloud based solutions to the Fortune 1000. Because of the high-profile nature of our customers and the increasing focus on security, our customers and prospects are demanding the highest level of security standards in Brainshark’s products. That’s where you come in…
Under the direction of the Security Architect, the Jr. Information Security Engineer will be deeply involved in managing and improving the security of Brainshark’s products and platforms. The Information Security Engineer will have significant involvement in Brainshark’s migration from a traditional data center to Microsoft’s Azure public cloud, and will be a key contributor in recommending, implementing, and maintaining systems to ensure that this new architecture and environment is built with industry leading security controls. Additionally, their responsibilities include monitoring Brainshark’s various systems and responding to the events generated by those monitoring tools. They will serve as a technical resource for all matters regarding information security, and will be responsible for projects with cross-functional teams, so strong communication skills are a must.
WHO ARE YOU?
- You’ve gained a solid understanding of the fundamentals of networks, systems, and software, and have begun focusing on the intricacies of security vulnerabilities and the ways to defend against their exploitation.
- You know that security spans many elements in any computing environment and so are excited about collaborating with engineers and developers across multiple disciplines.
- You’re looking for a small company because you want to own your job, accomplish your goals, and work in a fast-paced agile environment.
- You understand the necessity of securing internal IT infrastructure and applications without inhibiting employee productivity or mobility.
- Develop and implement industry leading security controls within our Azure environments.
- Configure, manage and monitor automated network and application scanning tools.
- Oversee and remediate issues discovered by security monitoring and scanning tools.
- Implement technical solutions for compliance with various industry standards and frameworks.
- Manage and maintain multiple security systems; including firewalls, VPNs, WAFs, etc.
- Configure and monitor user access controls for both Internal IT and the SaaS platform.
- Manage SSL certificates for both Internal IT and the SaaS platform.
- Work with Developers to recommend security improvements in Brainshark products.
- Participate in Disaster Recovery testing and data verification exercises.
- Assist in the authoring and implementation of new security related policies as required.
- Assist in responding to customer requests for security information.
- BA, BS, or equivalent in a technical field of study (such as computer science, electrical engineering, or mathematics) or equivalent work experience
- 2 years of experience in a Systems Administration or Operations role
- Proficiency with Windows Server operating systems and .Net applications
- Excellent verbal and written communication skills
- Ability to work on multiple projects and products at the same time, develop work estimates, and coordinate schedules with your colleagues while prioritizing and working to deadlines
- Experience with Microsoft Azure or other cloud platforms
- Security certifications: CISSP, CISA, SSCP, Security+, etc.
- Knowledge of the Cloud Security Alliance STAR Control Framework or ISO27001 standards
- Understanding of OWASP
- Experience designing and operating security tests for software, operating systems, and networks.
- Windows, MSSQL, .Net, Configuration Management
- Experience with SaaS applications