Are you interested in joining a leader in Virtual Reality? NextVR delivers live events in virtual reality for devices like the GearVR, Oculus Go, Sony PSVR, and Google Daydream.

 The Information Security Architect will be responsible for designing, building and defending scalable, secure, and robust systems; working on operational data center systems and networks; helping the organization understand advanced cyber threats; and helping to create strategies to protect those networks. This person will work closely with the DevOps, Networking and others within the IT infrastructure team to develop, implement and monitor strategic, comprehensive enterprise information security and IT risk management program to ensure that the integrity, confidentiality and availability of information is owned, controlled or processed by the organization.

Key duties

• Develop and carry out information security plans and policies
• Develop strategies to respond to and recover from a security breach
• Develop or implement open-source/third-party tools to assist in detection, prevention and analysis of security threats
• Awareness training of the workforce on information security standards, policies and best practices
• Implement policies and procedures to protect consumer data, PII, etc.
• Installation and use of firewalls, data encryption and other security products and procedures
• Conduct periodic network scans to find any vulnerability
• Conduct penetration testing, simulating an attack on the system to find exploitable weaknesses
• Monitor networks and systems for security breaches, through the use of software that detects intrusions and anomalous system behavior
• Investigate security breaches
• Lead incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage

 Skills and competencies

• 5+ years of industry experience in an information security function
• Expertise in anti-virus software, intrusion detection, firewalls and content filtering
• Knowledge of risk assessment tools, technologies and methods
• Expertise in designing secure networks, systems and application architectures
• Disaster recovery, computer forensic tools, technologies and methods
• Planning, researching and developing security policies, standards and procedures
• System administration, supporting multiple platforms and applications including Linux, Mac OS, and Windows platforms
• Expertise with mobile code, malicious code, and anti-virus software
• The IT security engineer should also have experience with and knowledge of:
• Endpoint security solutions, including file integrity monitoring and data loss prevention
• Security concepts related to DNS, routing, authentication, VPN, proxy services and DDOS mitigation technologies
• Cloud and on-premises infrastructure utilizing tools such as Kubernetes, Docker swarm, Terraform or other infrastructure as code software
• AWS and cloud platform as a service (PaaS) security
• Automating security testing tools
• Chef, Puppet, Git
• Experience in Media and Entertainment is a big plus
• compliance areas and security frameworks, to include HIPAA, MA 201 CMR 17, NIST, HITRUST CSF, COBIT, SOC 2, ISO 27002, FISMA 800-53/MARS-E.

General skills include:

• The ability to multi-task
• A keen eye for detail
• Strong organizational skills
• The ability to thrive in fast-paced, high-stress situations
• The ability to communicate network security issues to peers and management

Education - Certifications

• BS. or M.S. in Computer Science or related field, or equivalent experience
• Information Security professional certification; e.g., CISSO, CISM, CHP, CGEIT, CSCS, CISSP/HCISSP, ISSAP or other equivalent certification is preferred