ABOUT THE COMPANY
Brainshark was founded in 1999 with one vision: to transform the way business people create and share content. From this vision, the Brainshark platform was born – enabling the average business person with only basic tools, like PowerPoint and the phone, to create high-impact video presentations that help lower costs and drive business value. Before the ideas of user-generated content, software-as-a-service and online video became standard practice, Brainshark was already pioneering these concepts to enhance business communications. Today, Brainshark helps thousands of companies around the world improve productivity with cloud-based business presentation solutions for sales, marketing, and training.
We’re delivering cloud-based solutions to the Fortune 1000. Because of the high-profile nature of our customers and the increasing focus on security, our customers and prospects are demanding the highest level of security standards in Brainshark’s products. That’s where you come in…
The Information Security Engineer will be deeply involved in managing and improving the security of Brainshark’s products and platforms. In addition to monitoring Brainshark’s various security systems, the security engineer is also responsible for investigation and analysis of anomalous or suspicious events and incidents reported by those tools and plays a significant role in the response to such events. Additionally, the security engineer will be responsible for designing and implementing controls to protect corporate and production systems according to industry best practices. They will also serve as a technical resource for all matters regarding information security and will be responsible for projects with cross-functional teams, so strong communication skills are a must. The responsibility of the role will pertain to both our on-premise and Microsoft Azure cloud environments. Security best practices for a physical/cloud hybrid environment will be designed and implemented by this role.
WHO ARE YOU?
- You’ve gained a solid understanding of networks, systems, and software, and have begun focusing on the intricacies of security vulnerabilities and the ways to defend against their exploitation.
- You know that security spans many elements in any computing environment and so are excited about collaborating with engineers and developers across multiple disciplines.
- You understand the necessity of securing internal IT infrastructure and applications without inhibiting employee productivity or mobility.
- You’re looking for a small company because you want to own your job, accomplish your goals, and work in a fast-paced agile environment.
- Develop and implement industry-leading security controls within our corporate and production environments.
- Configure, manage and monitor automated network and application scanning tools.
- Analyze and remediate issues discovered by security monitoring and scanning tools.
- Perform incident response and remediation procedures when deemed necessary.
- Implement technical solutions for compliance with various industry standards and frameworks.
- Manage and maintain multiple security systems; including firewalls, IDS, VPNs, WAFs, etc.
- Configure and monitor user access controls.
- Manage SSL certificates for both Internal IT and the SaaS platform.
- Work with Developers to recommend security improvements in Brainshark products and SDLC.
- Participate in Disaster Recovery testing and data verification exercises.
- BA, BS, or equivalent in a technical field of study (such as computer science, electrical engineering, or security assurance) or equivalent work experience
- 1-2 years of experience in a systems administration or operations role
- Proficiency with Windows server operating systems and Microsoft Azure
- Excellent verbal and written communication skills
- Ability to work on multiple projects and products at the same time, develop work estimates, and coordinate schedules with your colleagues while prioritizing and working to deadlines
- Ability to work in the US without visa sponsorship
- Experience with traditional data centers and Microsoft Azure
- Security certifications: SSCP, CEH, Security+, etc.
- Knowledge of or experience with the following frameworks and standards:
- Cloud Security Alliance STAR control framework
- ISO 27001 standard
- OWASP standards
- CIS benchmarks and controls
- Knowledge of or experience with the following tools:
- O365 security tools
- Microsoft Security Center
- Experience designing and operating security tests for software, operating systems, and networks.
- Experience with malware analysis and reverse engineering cyber attacks
*PLEASE NOTE THAT WE ARE CURRENTLY NOT OFFERING SPONSORSHIP*