Sr IS Engineer IS Security in Sarasota, FL at Jackson Hewitt

Date Posted: 5/24/2018

Job Snapshot

Job Description

At Jackson Hewitt, we are working hard for the hardest working and we are on a mission to completely change the way our customers engage with their personal finances. Jackson Hewitt combines the fun, fast-paced culture of a startup with the scale and reputation of one of the nation’s largest retailers (over 6,000 locations).

At Jackson Hewitt we have a passion for our employees and our customers. We recognize and appreciate that our team members are our single greatest competitive advantage. Being an industry leader requires a consistent focus on quality, innovation, performance and results.

IF YOU WANT TO BE PART OF A TEAM THAT IS CHANGING THE INDUSTRY, WITH A FOCUS ON DELIVERING EXEMPLARY CUSTOMER SERVICE THEN JOIN JACKSON HEWITT!!

The Senior Security Engineer serves as a technical lead for the IT Security Team and is responsible for the operation, maintenance, monitoring and implementation of IT security technologies, processes and procedures. This job role will be well versed in understanding the information technology landscape including security, infrastructure, network, client, server, emerging technology standards and trends. The Senior Security Engineer will manage and monitor outsourced security functions; will apply expertise in information security and protection systems to eliminate or reduce unauthorized access, disclosure or destruction of data in the care of Jackson Hewitt; assists with investigation of technology security breaches; identifies security issues; performs and participates in risk assessments; assists in the identification, development and implementation of security solutions; recommends secure solutions utilizing standard best practice security principles; assists in designing, implementing and measure required compliance controls; contributes to the overall security posture of the organization.
 

Duties/Responsibilities:

  • Lead the design, review, and implementation of strategic and tactical security initiatives.

  • Identify significant actual and potential cyber security problems, trends, and weaknesses and recommends specific modifications and solutions to reduce information systems security risks.
  • Provide architectural design and coordinate the implementation of security solutions to integrate into existing network environment. Establish requirements and make recommendations on the appropriate infrastructure protection tools, methods, and technologies.
  • Develop strategies for responding to future security challenges. Demonstrate effectiveness of the program for implementation on an organization-wide basis.
  • Review, create and update  security policies, procedures and standards, and present them to management for endorsement. Establish technical or procedural enforcements for pertinent policies within the organization. Facilitate organizational-wide communications and institute measures to ensure information security awareness and compliance.
  • Review new and existing systems, networks, and software designs for potential security risks, and resolve integration security issues across disciplines. Define the scope and level of detail for applicable security plans and policies.
  • Implement and interpret the requirements of ISO/IEC, PCI, SOX, and HIPAA policies, mandates and standards. Develop the project plan for the implementation, identify major milestones and activities, and coordinate development and implementation. Develop plan and methodology for testing and measuring IT compliancy.
  • Act as a key member of the Incident Response Team, who may be called upon to represent in the investigation of serious cyber security violations that potentially impact the integrity of Jackson Hewitt's infrastructure. Recommend action for containment and remediation based on findings, and following up to ensure the implementation of corrective actions.
  • Proactively monitor security infrastructure and tools to insure reliability and integrity of systems and applications.  Develop and implement operational response procedures to maximize visibility, maintain stability and prioritize criticality of identified issues.
  • Investigate and respond rapidly to identified security incidents. Acquire, analyze, and interpret forensic images,  packet captures and logs to accomplish rapid and accurate incident response. Recommend and implement tools, standards and procedures to facilitate future investigations.
  • Educate IT team members in security best practices.  Collaborate with IT Teams to incorporate security best practices into daily workflows and procedures.
  • Assist with development and implementation of Security Awareness Training for entire organization.
  • Other job duties as assigned.

Education/ Experience:

  • Bachelor ’s degree with a concentration in Computer Science or Business Administration or equivalent work experience required.

  • Five (5)+ years’ experience (7+ years in lieu of degree) in firewalls, routers, proxies, load balancers, and UNIX-based systems.
  • Excellent oral and written communication skills and interpersonal skills.
  • Proficient in network protocols such as TCP/IP, HTTP/HTTPS, SSH, SSL, BGP, DNS, SNMP, VRRP.
  • Proficient in firewalls, routers, proxies, load balancers, and UNIX-based systems.
  • Experienced in AWS Security, Architecture and Infrastructure administration.
  • Proficient at securing systems (e.g. common operating systems, network equipment).
  • Proficient in security concepts such as identity management, least privilege, defense in depth and separation of duties
  • Proficient in security technologies such as IPS, VPNs, D/DoS and vulnerability management.
  • Working knowledge of common web architectures and related security risks.
  • Working knowledge of large scale networks including architecture and security risks.
  • Working knowledge of Windows based operating systems.
  • Working knowledge of scripting languages (Python or Perl preferred).
  • Familiarity with incident response and forensic investigation.
  • Experience writing technical specifications and operational documentation.
  • A strong desire to learn while being able to complete tasks in a high-pressure environment.
We appreciate your interest in Jackson Hewitt Tax Service. Jackson Hewitt Tax Service is an equal employment opportunity employer. The Company’s policy is not to discriminate against any applicant or employee based on race, color, sex, religion, national origin, age (40 and over), disability, or any other basis protected by applicable federal, state, or local laws. Jackson Hewitt Tax Service also prohibits harassment of applicants or employees based on any of these protected categories. It is also Jackson Hewitt Tax Service’s policy to comply with all applicable state and federal laws respecting consideration of unemployment status in making hiring decisions.