Sr Information Security Engineer #2013-4026 | Orbitz, LLC | US-IL-Chicago

Sr Information Security Engineer #2013-4026 | Orbitz, LLC | US-IL-Chicago

2013-4026

Posting Job Title 

Sr Information Security Engineer

Job Location 

US-IL-Chicago

Category 

Technology

More information about this job:

Overview:

Orbitz Worldwide is a leading online travel and technology company, but we didn’t need to tell you that—that’s why you want to work for us, right?

Orbitz is currently looking for a Sr. Information Security Engineer to join our team based at Orbitz Worldwide’s headquarters in downtown Chicago.

The Senior Security Engineer is responsible for supporting the architecture, implementation, and ongoing maintenance for a global information security program and ensuring the confidentially, integrity, and availability of all corporate assets. The Senior Security Engineer will be responsible for the design of security solutions as well as responsible to ensure solutions are implemented in accordance with implementation plans. This position requires communication with development teams, infrastructure security teams, and business teams. Solutions are to be built, configured, integrated, tested, and deployed in compliance with the security architecture. The security engineer will participate in agile based practices to ensure all artifacts and deliverables are generated with the highest quality standards. 

In addition, the security engineer will work with corporate regulatory compliance programs such as the Payment Card Industry Standard (PCI) and and assists in maintaing compliance in section 404 of the Sarbanes-Oxley Act (SOX).

Responsibilities:

• Formulate security architecture recommendations and design security services.
• Work with the Information Security team to define security solutions for customers and business partners.
• Assist engineering and development teams to ensure proper security controls are implemented throughout technology.
• Assist in responses to external audits, penetration tests, and vulnerability assessments.
• Research emerging technologies in support of security enhancement and development efforts.
• Must be able to perform hands-on support for a wide range of security  technologies including, but not limited to: SEIM, IDS/IPS, HIDS, malware analysis and protection, content filtering, logical access controls, identity and access management, and data loss prevention, content filtering technologies, application firewalls, vulnerability scanners, LDAP, forensics software, security incident response, Identity Management  (IdM)
• Initiates security awareness and training.
• Document security policies, standards, procedures, and guidelines that meet legal requirements for corporate due diligence
• Implements monitoring capabilities for security infrastructure. Reviews logs and alerts for violations. Takes appropriate action to isolate and secure systems.

Qualifications:

• Minimum of 5 years of experience in Information Security
• Must be an intelligent, articulate, and persuasive leader who can communicate information security related concepts to a broad range of technical and non-technical staff.
• Must be passionate about technology and information security and must have extensive knowledge of current and upcoming IT ecommerce security technologies and techniques that cover all levels of IT architecture, including those that affect business processes, data, applications, and network systems and infrastructure.
• Knowledge of the various industry and government strategies and standards in privacy and security, including Information Technology Infrastructure Library (ITIL), Control Objectives for Information and related Technology (COBIT), International Organization for Standardization (ISO), US National Institute for Standards and Technology (NIST), and others where applicable.
• Ability to weigh business risks and enforce appropriate IT security measures while maintaing the speed of delivery that is inherent in a fast-paced technology company.
• Expertise in web application security and ecommerce, including secure coding standards required (java, J2EE).
• Experience working on government and industry compliance projects (Sarbanes Oxley, Visa CISP/PCI, GLBA, etc.).
• Prior experience in a start-up or Internet environment a plus.
• Industry certifications, such as CISSP or CISM.
• Bachelor’s degree in Computer Science, or equivalent experience.

https://careers-orbitz.icims.com/jobs/4026/2013-4026/job