Senior security specialist job description

Equifax is looking for a Senior Business Security Officer to join Equifax Workforce Solutions. This is a customer-facing senior-level individual contributor role, where this person will be responsible for helping Security and Sales teams to ensure customer satisfaction. This resource should be willing to work from our Saint Louis, MO Office location.
What you'll do:
Act as the point of contact when customer third-party assurance teams have security questions for Equifax Workforce Solutions. Coordinate effectively across the other Equifax lines of business when questions involve more than one line of business.Define and mature local operational processes aligned with global corporate processes, in areas including: review of business contracts for security terms, incident investigations, crisis management / disaster response, and more.Develop audit-quality documentation for local security processes, training cross-functional stakeholders on their roles. Oversee the review of business contracts for security-related terms and conditions as performed by yourself and other members of the Security Team. Serve as the primary liaison between Security, Legal, and the business to ensure timely execution with uniformly high quality / correctness.Engage with clients and customers as needed to assist the business to achieve its objectives with pre and post sales activities (e.g. explain our security program, support external audits, support bids/RFP process, assist in customer communication of security incident, assemble and deliver artifacts and evidence, etc.) Serve as a general technology and security subject-matter expert, advising on matters related to governance, risk, and compliance to your security and business colleagues.Assist fellow team members with other duties as needed and as your skill strengths allow.

What experience you'll need:
5-7 years experience working in one or more information security domains such as audit, engineering, or security operations3- 5 yrs of experience working with external customers or stakeholders to deliver requested artifacts. 1- 2 yrs of hands-on experience participating in / preparing for audits (agenda, document requests, field-work / interviews, etc.)

What could set you apart:
Bachelor or Master of Science in Computer Science, Computer Engineering, Electrical Engineering, or a related field.Experience in one or more information technology roles, such as system administrator, developer, etc. prior to moving into information security.Familiarity / experience with cloud security preferred. Google Cloud experience preferred.Security or Technology certifications including but not limited to CISSP and CISM.Demonstrated professional experience working in-depth with processes, process improvement and execution, metrics, and reporting; where writing and visual design (slides) were central elements of success in the role.

We offer comprehensive compensation and healthcare packages, 401k matching, paid time off, and organizational growth potential through our online learning platform with guided career tracks.
If this sounds like somewhere you want to work, don't delay, apply today - we're looking for you!
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

Primary Location:
USA-St. Louis-2330 Ball

Function:
Function - Security Governance and Compliance

Schedule:
Full time

Leading the future in luxury electric and mobility
At Lucid, we set out to introduce the most captivating, luxury electric vehicles that elevate the human experience and transcend the perceived limitations of space, performance, and intelligence. Vehicles that are intuitive, liberating, and designed for the future of mobility.

We plan to lead in this new era of luxury electric by returning to the fundamentals of great design - where every decision we make is in service of the individual and environment. Because when you are no longer bound by convention, you are free to define your own experience.

Come work alongside some of the most accomplished minds in the industry. Beyond providing competitive salaries, we're providing a community for innovators who want to make an immediate and significant impact. If you are driven to create a better, more sustainable future, then this is the right place for you.

We are currently seeking a Security Engineer for Security Operations Center in our Cyber Security team. This position requires an experienced professional with a proven track record of establishing the Security Operations logging and monitoring, alert response system. Our ideal candidate exhibits a can-do attitude and approaches his or her work with vigor and determination. Candidates will be expected to demonstrate excellence in their respective fields, to possess the ability to learn quickly and to strive for perfection within a fast-paced environment.
Role Responsibilities:Contribute to cyber security requirements, design and test specifications Implement production quality software components according to specifications Work jointly with internal development teams to review and accommodate the attributes and analytics based on the need.Communicate security-related concepts to technical and non-technical teams Provide mentorship to junior team members
Required Qualifications:Minimum 3-5 years of experience working in Security Operations Center and Application SecurityExperience in a fast-moving startup environment Extensive work experience in design and development of Cyber Security methodologies and comply to Security standards In-depth technical knowledge of different logging modes and monitoring the logs and do a thorough analysis.Extensive experience threat modeling and attack analysis Able to bring Security aspects in product development life cycle Demonstrable proficiency with one or more programming/scripting languages Extensive experience with pen testing tools and security attack vectors.Strong understanding of network concepts including TCP/IP protocol stack, HTTP and TLS, DDoS detection/prevention, Intrusion detection and prevention Experienced in Data protection in transit and at Rest, Data Loss prevention techniques. Experienced in Data compliance Experience with regular expression searches as well as detecting the required attributes in huge volume of data Network and host anomaly detection through both automated (NIDS/HIDS) and manual tools Experience in Agile development environment
Preferred Qualifications:Experience with Automotive communication protocols would be a plus.
At Lucid, we don't just welcome diversity - we celebrate it! Lucid Motors is proud to be an equal opportunity workplace. We are committed to equal employment opportunity regardless of race, color, national or ethnic origin, age, religion, disability, sexual orientation, gender, gender identity and expression, marital status, and any other characteristic protected under applicable State or Federal laws and regulations.

Notice regarding COVID-19 protocols
At Lucid, we prioritize the health and wellbeing of our employees, families, and friends above all else. In response to the novel Coronavirus all new Lucid employees, whose job will be based in the United States may or may not be required to provide original documentation confirming status as having received the prescribed inoculation (doses). Vaccination requirements are dependent upon location and position, please refer to the job description for more details.

Individuals in positions requiring vaccinations may seek a medical and/or religious exemption from this requirement and may be granted such an accommodation after submitting a formal request to and the subsequent review and approval thereof by our dedicated Covid-19 Response team.

To all recruitment agencies: Lucid Motors does not accept agency resumes. Please do not forward resumes to our careers alias or other Lucid Motors employees. Lucid Motors is not responsible for any fees related to unsolicited resumes.

Xero is a beautiful, easy-to-use platform that helps small businesses and their accounting and bookkeeping advisors grow and thrive.

At Xero, our purpose is to make life better for people in small business, their advisors, and communities around the world. This purpose sits at the centre of everything we do. We support our people to do the best work of their lives so that they can help small businesses succeed through better tools, information and connections. Because when they succeed they make a difference, and when millions of small businesses are making a difference, the world is a more beautiful place.

We're growing rapidly and with growth comes new markets, new partners, new security and risk threats, and new compliance obligations. We are looking for a Senior Security Risk and Compliance Specialist in NZ or AUS who will thrive on the challenge of helping our diverse teams understand and manage their security risks, delivering meaningful security initiatives to keep us ahead of the curve.

You'll be working as part of a global team across the business to improve Xero's security risk and compliance posture. Your goal is to help us reduce the risk of security incidents and improve the efficiency and effectiveness of Xero's security controls.

We're a company founded in New Zealand working on a global scale, as a Xero you'll take the lead not just on the NZ, ANZ or APAC Security Risk but will be part of our global efforts to build a best in class in-house Security Risk and Compliance practice. This is a fantastic opportunity to join a market leading global SaaS company, working across regions and business units.

At Xero we believe having diverse teams of talented people working together is key to our success, joining us means joining a team of talented professionals across our business working in a fun, innovative, collaborative and high performing environment. Our goal is to enable you to do the best work of your life with Xero.

What you'll do:Assess security risks across all areas of Xero's business, including product, platform, and third party software and services, to ensure these are well understood and managed within Xero's risk tolerance.Ensure security compliance obligations, both internally defined and externally regulated, are understood and met across Xero.Maintain the Xero information security management framework. Ensure that security policy and standards keep pace with the changing threat and compliance landscape, and are approved and communicated across Xero.Contribute to further development of a threat modeling framework and work with other security teams to roll this out to all product teams Develop and maintain an automated risk assessment process for add-on partners and third party providers. Ensure that security risks are assessed and understood prior to, and during the engagement with the third party.Engage and manage service providers delivering services and capabilities related to Xero's security risk and compliance practice.Maintain a comprehensive program of automated and manual security testing across Xero products. Further develop and manage the security risk management framework to ensure risks are documented, quantified, owned, communicated and escalated as appropriate across Xero.Assist in the development of security awareness materials and training for Xero staff.Respond to customer and supplier security assessments.Define requirements and assess solutions to automate and improve the efficiency of risk assessment and reporting processes.Keep informed as to emerging security threats that have the potential to impact Xero and recommend mitigating strategies.Provide measurement and reporting of Xero's risk and compliance position suitable for various levels of Xero's leadership.Coach and mentor other team members to help them become the best versions of themselves they can be, using a variety of techniques which may include performance feedback and career development.Mentor product team members from other disciplines about security risk and raise awareness of risk and compliance concerns as a key consideration of product development.

What you'll bring with you?5+ years in a role in an information security and risk management practice Experience implementing risk management and information management security frameworks Experience in a SaaS environment, with knowledge and understanding of risk and compliance issues relating to cloud technologies Been recognised as a technical lead or senior contributor in your team.Takes a business focused and pragmatic approach to security risk management.Ability to work as part of a team and able to take pride and ownership in their work.Has initiative and a passion for all things security and a willingness to go the extra mile.Excellent stakeholder management.Able to effectively communicate to a wide range of people.Works collaboratively and empowers others in the team.
Why you should become a Xero

It's a diverse and inclusive environment, with people who will respect, challenge, support and mentor you to do the best work of your life. We're a place where innovation and change are not only encouraged but also celebrated. We value our people and want them to enjoy and take pride in their work.

We're very supportive of flexible working arrangements and offer a competitive remuneration package including shares and life insurance, in addition to your base salary. We have a culture we're proud of. Whether you're after a workplace with a social vibe, or a workplace which understands your family is priority - Xero is all of that and more.

Why Xero?

At Xero we support many types of flexible working arrangements that allow you to balance your work, your life and your passions. We offer a great remuneration package including shares plus a range of leave options to suit your well-being. Our work environment encourages continuous improvement and career development and you'll get to work with the latest technology.

Our collaborative and inclusive culture is one we're immensely proud of. We know that a diverse workforce is a strength that enables businesses, including ours, to better understand and serve customers, attract top talent and innovate successfully. We are a member of Pride in Diversity, in recognition of our inclusive workplace. Our goal is to make sure you feel welcome and supported to do the best work of your life.

At Xero we embrace diversity and inclusion and value a #challenge mindset. Research has shown that women and underrepresented groups are less likely to apply to jobs unless they meet every single competency or experience . If you are excited about this role, but your past experience doesn't align perfectly, we encourage you to apply anyway. You could be just the right person for this role and Xero. If you have any support or access requirements, we encourage you to advise us at time of application and throughout the interview process.