IT Security Analyst

IE-Dublin
Category
Information Technology
Type
Regular Full-Time

The Company

Location: Globoforce, 19 Beckett Way, ParkWest Business Park, D. 12. Our ultra-modern offices are easily accessible by Car, Rail (6 minutes from Park West & Cherry Orchard station), Bus, LUAS and close to shops, restaurants, Gym. 

 

About Globoforce:

Globoforce is a leading provider of social recognition solutions, helping companies build stronger, more human cultures through the power of thanks. Named one of the Best Workplaces by the Great Place To Work® Institute, Globoforce is trusted by some of the most admired companies in the world to inspire and energize employees and create best places to work.

Our award-winning SaaS technology and proven methodologies empower HR and business leaders to take a modern, more strategic approach to recognition programs. Our best practices and technology are at the heart of the world’s most successful worldwide recognition programs.

Recently named Great Place to Work 2016, Digital Technology Company of the Year (Irish Software Association, 2015), as well as named one of the Top Places to Work in Massachusetts (Boston Globe, 2015), Globoforce continues to impact and transform the fundamental nature of organization’s cultures around the globe. Visit www.globoforce.com

The Job

The IT Security Engineer’s role is to support the Information Security & Compliance Officer in the management of all technology-related security and compliance issues across the organization including information security, privacy, disaster recovery, business continuity, user access and data integrity.

The IT Security Engineer will work with Sales, Customer Success and Legal departments on all IT Security related matters in the areas of Customer / prospect review, audit and RFPs.  

You will work closely with technology teams on the implementation of policies, procedures and controls to ensure that the organization's practices remain compliant with industry best practice standards.

AS IT Security Engineer, you will implement and manage security technologies for Globoforce that will maintain and raise the overall security posture of the organization, while providing assurance to senior management and customers. 

Main duties & responsibilities:

  • Work with the Sales, Customer Success and RFP support teams on issues relating to Information Security in response to both Customers and Prospects evaluation of Globoforce.
  • Manage the Third Party / Supplier review program ensuring that all new suppliers / potential suppliers meet minimum security standards and working with existing suppliers to improve their Information Security stance.
  • Work with internal communications / HR staff to develop, plan, implement and delivery ongoing Information Security awareness and privacy training across the organization including the development of metrics.
  • Develop and implement a program of reviews / measurement to provide assurance of compliance with policy (to include System / User access reviews, Firewall rules reviews etc.)
  • Create and rollout appropriate Information Security / IT policies as required. Review existing policies and their implementation.
  • Identification, evaluation and documentation of Risks and where necessary the development and management of mitigations
  • Business Continuity co-ordination – work with business areas on the development and testing of practical BCP plans for each department.
  • Provide technical input to all implementations / development solutions ensuring industry best practice standards are adhered by all.
  • Implement a meaningful set of monitoring / metrics from IDS / File integrity checking / Logs to ensure good visibility of network activity. Refining the results according to the current threat landscape.
  • Manage a regular external and Internal Scanning / Pen Testing program to provide assurance for both management and customers of the security status of the environments and make such testing an integral part of the SDLC.
  • Research, evaluate, test and implement security products as required.

Responsibilities, Skills & Qualifications

Required skills and experience:

  • A minimum of five (5) years of IT experience, with three years spent in an information security role.
  • Solid understanding of industry best practice standards such as International Standards Organization (ISO) 2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks.
  • Familiarity with applicable legal and regulatory requirements, including, but not limited to, GDPR, Privacy Shield, PCI-DSS, the U.S. Sarbanes-Oxley Act, the U.S. Health Insurance Portability and Accountability Act (HIPAA) and PIPEDA.
  • Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, management and business personnel.
  • Strong project management skills and experience in creating and managing project plans.
  • Strong analytical skills to analyze security requirements and relate them to appropriate security controls. Ability to provide innovative solutions to issues and problems.
  • Up to date industry knowledge and participation in industry forums to ensure access to the latest threat vectors etc.
  • Knowledge of risk frameworks / methodologies.
  • A knowledge of Agile development methodologies.
  • An understanding of operating system, network protocols and cloud technologies to include a good knowledge of Active Directory, IP addressing, and firewall technologies.Experience in application technology security testing.
  • Experience in security testing (vulnerability scanning and penetration testing).
  • Knowledge and experience in Log management, IDS / IPS, file integrity software. Splunk experience an advantage.

Education and Qualifications

  • Diploma or degree in Computer Science or IT related discipline.
  • CISA/CISSP or GISP:GIAC certification highly beneficial.
  • Cloud certification beneficial

 

Perks:

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed