As a member of the Information Security team, the Security Engineer is responsible for the design, architecture and implementation of security solutions and features at platform, host, network and application level. This includes working with existing tools and frameworks, implementing new tools and frameworks, and collaborating with the architecture, infrastructure, middleware and application development teams.
The Security Engineer is expected to utilize extensive business knowledge and strong technical security expertise to provide a secure information technology environment, and to investigate violations of Information Security Policies. The purpose of this position is to provide effective Information Security services that continuously protect our critical information assets and assure compliance with corporate and regulatory policies/standards and industry best-practices.
The responsibilities include:
Working to ensure that the security of information security assets is kept within an acceptable level of risk
Managing existing and potential risks and to lead and track risk remediation to completion
Participating in providing 24 x 7 support for security in production systems as necessary to proactively protect the integrity, confidentiality, and availability of ATPCO information technology assets
Analyze and correlate information security data from multiple sources to ensure that any Information Security Incident is identified and remediated in a timely manner
The ideal candidate
Bachelor’s degree in computer or information disciplines, or similar work experience
Extensive experience as a systems or security engineer
Experience in implementing security features and solutions in a cloud-based environment
Experience with IDS/IPS systems and SAST/DAST tools
Experience in scripting and automation of systems and security engineering tasks
Comprehensive understanding of modern cloud and SaaS platforms with a focus on reliability, as well as of application stacks, networks and virtualization technologies
Broad understanding of security monitoring tools which provide threat detection, remediation and incident management
Scripting and systems administration experience, especially in use cases involving authentication (including multi-factor authentication) and authorization
This position requires a good understanding of the modern threat landscape and attack vectors
Broad experience in both Windows and Unix environments, familiarity with RHEL a big plus
Telecommuting is allowed. Relocation expenses are negotiable.
When it comes to data and content, ATPCO is the powerhouse of the airline industry, with the world's largest air price content repository. Our strength has always been in distributing that content throughout the air travel ecosystem.? We lead the industry into the future by delivering all air price content via New Distribution Capability (NDC) APIs.