Cybersecurity Engineer - Contractor
Verifi, Inc., a Visa company, is currently hiring for a dynamic and collaborative Cybersecurity Engineer, in a project contractor role!
This contractor will assist in the management and analysis of Verifi’s information security controls, and work closely with Verifi’s Technology team, including other functional areas, to ensure that compliance with Verifi’s Information Security Policies are maintained, while acting as a champion in promoting a culture of general data security.
At Verifi, you will be part of a dynamic environment that supports interdepartmental collaboration, fuels creativity, and provides you with an opportunity to take ownership and play an intricate part in our company’s success.
You will work alongside the brightest and most remarkable individuals in the industry and you will have an immediate impact on our aspirations for global domination and disruption of the payments space.
Join Verifi and you join the leading solution in the ecommerce marketplace for payment and risk management.
Your responsibilities will include driving compliance, tech, product, and corporate projects by:
- Subject Matter Expert for Vulnerability Detection and Threat Management lifecycle.
- Execute, analyze, and action internal and external vulnerability scans, propose remediation approaches to stakeholders and business units as appropriate.
- Participate in security device management (e.g. SIEM, IPS, IDS, DLP, etc.) focusing on generating configuration requirements, review efficiency, and change management
- Perform log reviews assessing for potential issues and initiate actions as appropriate
- Actively participate in all aspects of incident response process including first response
- Receive and review alert notifications, filtering and prioritizing as needed, then responding as appropriate
- Maintain list of approved policy exceptions, performing periodic reviews of expiring exceptions.
- Participate in internal and external audits and assessments and provide support as appropriate
- Perform ad-hoc information security requests or additional duties as assigned
You bring to the table your:
- 3+ years of experience in IT compliance, security, internal controls or risk management
- Experience working within a SOC
- Demonstrated ability in security device management (e.g. SIEM, IPS, IDS, DLP, etc.) focusing on generating configuration requirements, review efficiency, and change management
- Extensive experience with Vulnerability scanning via enterprise-level solutions
- Recent success managing patch deployments across heterogenous environments at scale
- Solid understanding of transport (and above) layer protocols
- Working understanding of cryptography, firewalls, IDS, IPS, DLP, VPN, CASB, SSO, identity management, network monitoring, and system/endpoint hardening.
- Working knowledge of security-based standards and controls (NIST, CIS, ISO 27001)
- Experience working in 24/7 operational environments
- Exceptional interpersonal, written, and oral communication skills
Additional experience preferred, but not required:
- Experience working in a PCI DSS environment
- Prior experience conducting internal and external risk assessments, implementation, monitoring, and reporting of control processes, documentation, and compliance measures and / or remediation items, and implementing and enforcing policies and procedures
- Information Security Forensic / Post-mortem skills
- Understanding of financial and payment card processing industries
- Will be required to be available for after-hours and weekend on-call if needed; periodic travel may be required
*Please note, the position is Temp for initially 9 months, with the possibility to extend further.
**Verifi is located in Los Angeles, however at present is in a work from home environment
#DI