| Sr. Security Engineer at Remote at Remote, Remote, USA |
| Email: [email protected] |
| From: Devyani Kumari, Absolute IT [email protected] Reply to: [email protected] Job Title: Sr. Security Engineer Location: Fully remote Duration: 1 year contract Lastly rate $55/hr on C2C Required Experience and Qualifications 3 to 5 years of professional experience in Information Security, IT Delivery, IT Program Management or other related areas Experience with securing emails, servers, workstations Experience with cloud security and cloud security platforms such as CASB, SASE, CSPM, CWPP, SaaS security, CSP (Azure and AWS) IaaS/PaaS security. Experience with Palo Alto Prisma Cloud for Cloud Security Posture Management and Cloud Workload / Container Security A CISSP, CISM, CCSP or equivalent professional certificate is mandatory Working knowledge of IT governance frameworks and standards such as CobiT, ITIL, ISO27001, NIST cybersecurity framework Working knowledge of IT architecture frameworks such as TOGAF and/or project management methodologies Working knowledge of regulatory and legal requirements frameworks related to information security for healthcare data, such as HIPAA, EU Data Protection Directive and/or equivalent regional frameworks is preferred Detailed JD: The Security Architect role presents a dynamic opportunity to ensure the secure operation of the IQVIA global information technology (IT) cloud-based and acquired/merged infrastructure and processes through developing and implementing new Cybersecurity safeguards, amending and improving existing safeguards, as well as contributing to implementation of necessary security measures and controls within projects across the enterprise. This role is part of CIO M&A team focusses on Information Security and will provide an excellent opportunity to liaise with key external and internal stakeholders while strengthening our Information Security function. You will also find yourself working together with other IQVIA Information Security managers and staff, and with Business Unit teams. This is an opportunity to join and progress with a forward-thinking department. Principal responsibilities will include: Work with IQVIA integration teams to secure M&A environments in alignment with IQVIA process, policies and standards. Work to implement core controls around critical platforms such as the email systems, backup critical servers, network perimeter, Bitsight, MFA, EDR, and DLP. Develop information security processes and projects aimed at securing M&A environments through integration into IQVIA enterprise-level cybersecurity solution or via applying dedicated cybersecurity solutions to M&A environment as necessary Support a security program focusing on acquisition environments, including both new technological and organizational capabilities across the enterprise Ensure delivery of security architecture frameworks, design templates, standards, reference architectures and guidance materials in alignment with the IQVIA Integrated Information Security Framework (IISF) in application to cloud and M&A environments Engage with third-party specialist service providers and vendors where necessary to support program deliverables, including carrying out vendor and product selections and organizing necessary operational support Work with a team to develop the improvement of the landscape of technical security safeguards, including assessment and deployment of new capabilities, technologies, and systems as it relates to the M&A environments Develop secure architecture strategies for IQVIA with respect to technology domain standards and design goals Research and identify emerging technology solutions that reduce costs, increase efficiencies, provide more value, provide more capabilities, reduce risks, and increase security posture Evaluate information security components and conduct feasibility studies for selecting appropriate and cost-effective solutions Assess risks for each security control included in the security integration process and work with Risk Management teams & IT Project Manager to update risk register, current controls and risk treatment plan Support the effort for the delivery of M&A projects by providing necessary cybersecurity subject-matter expertise and contribution to both secure solution designs and configurations Keywords: information technology |
| [email protected] View all |
| Wed Dec 20 00:37:00 UTC 2023 |