Information Security Engineer

About the Information Security Engineer Opportunity



The Information Security Engineer will lead the Information Security Program’s strategy, policies, and processes for all Infospace corporate and commercial data, network, and application environments. This ideal candidate will collaborate with Sr. Leadership, Information Technology, Engineering, and other key stakeholders. As a key member of the Corporate Operations Team, the Information Security Engineer administers, develops, and identifies security vulnerabilities and threat modeling, application penetration testing, application code review, countermeasures, and mitigations for Infospace.





Job Responsibilities : Develops and executes enterprise-wide vulnerability management (VM) processes and procedures, specifically: Integrates assessment tool outputs with the overall VM process Conducts proactive enterprise assessment Evaluates assessment results Publishes metrics representing vulnerability trending Coordinates resolution and remediation of vulnerabilities Continually improves upon and executes data security audit procedures covering all new product launches, significant upgrades, and legacy "in-scope" (Sarbanes-Oxley) applications Develops and executes computing security incident response procedures with emphasis on providing a dedicated in-house resource capable of providing timely forensics data Stay current with new developments in the security industry including vulnerabilities, viruses, alerts, bugs, and other security impacting threats





Required Skills, Education & Experience: Bachelor’s degree in Computer Science or equivalent Security certification desired (e.g. CISSP, SANS, CISM) Two to five years experience as a vulnerability management tool administrator, first or second tier security incident responder, and system security auditor Posses a deep understanding of network and web related protocols such as, HTTP, HTTPS, TCP/IP, IPSEC, and other routing protocols Be self motivated and results oriented with excellent conceptual, organizational, analytical, and problem solving skills Strong scripting skills (e.g. Perl, Python, shell scripting) Strong technical documentation experience Be available to work infrequent nonstandard hours, nights, weekends and/or holidays including being on-call 24x7 in support of security incident resolution Awareness of compliance initiatives, such as ISO, HIPPA, Safe Harbor, etc.




About InfoSpace:



InfoSpace, Inc. uses its unique metasearch technology to power a portfolio of branded websites such as Dogpile, WebCrawler, MetaCrawler, and WebFetch.com and provide private-label search services. Our edge is two-fold: proprietary metasearch technology and our relationships with leading search engines. Our metasearch-driven searches cover more of the Internet because they combine the most relevant returns from multiple search engines such as Google, Yahoo!, Ask, and Windows Live Search. InfoSpace metasearch helps advertisers achieve a much higher match rate than any other search engine, and sites hosting metasearch receive a higher pay-per-click rate, which is a key selling point when InfoSpace engages with potential private-label search customers.



To apply for the Information Security Engineer position, visit our website at www.infospaceinc.com






To Apply for this position, please CLICK HERE