Information Security Specialist

Company description

We at Publicis Sapient, enable our clients to thrive in Next and to create business value through expert strategies, customer-centric experience design, and world-class product engineering. The future of business is disruptive, transformative and becoming digital to the core.

In our 20 + years in IT, never before have we seen such a dire need for transformation in every major industry - from financial services to automotive, consumer products, retail, energy, and travel.

To make this transformative journey a reality in these exciting times, we seek Rockstars who will:

• Brave it out to go do the next; “what will be” from “what is” exhibit the optimism that says there is no limit to what we can achieve deeply skilled, bold, collaborative, flexible.
• Reimagine the way the world works to help businesses improve the daily lives of people and the world.
• Our people thrive because of the belief that it is both our privilege and responsibility to usher our clients and the world into Next.
• Our work is fueled by challenging boundaries, multidisciplinary collaboration, highly agile teams, and the power of the newest technologies and platforms.

If that’s you, come talk to us! This is the world-class engineering team where you should build your career

Overview

The Information Security Officer is a senior level professional position responsible for driving efforts to prevent, monitor and respond to information/data breaches and cyber-attacks. The overall purpose of this role is to ensure the execution of Information Security (IS) directives and activities in alignment with client information and cybersecurity policy within the supported business units, primarily client's technology infrastructure.

Responsibilities

Responsibilities:

• Identify opportunities to automate and standardize information security controls and for the supported groups.
• Resolve any vulnerabilities or issues detected in an application or infrastructure.
• Analyze source code to mitigate identified weaknesses and vulnerabilities within the system.
• Review and validate automated testing results and prioritize actions that resolve issues based on overall risk.
• Scan and analyze applications with automated tools and perform manual testing if necessary.
• Reduce risk by analyzing the root cause of issues, their impact, and required corrective actions.
• Direct the development and delivery of secure solutions by coordinating with business and technical contacts.
• Contribute to execution of the architectural vision for all IT systems through major, complex IT architecture projects.
• Security Architecture: Collaborate with IT to ensure system architecture follows corporate policies and IT best practices.
• Risk management: Identify, assess and mitigate security risks. Identify application compensating controls for non-compliant items.
• Provide technical leadership and is responsible for developing components of, or the overall systems design.
• Translate complex business problems into sound technical solutions.
• Provide integrated systems planning and recommends innovative technologies that will enhance the current system.
• Recommend appropriate infrastructure platforms, and communication links required to support IT goals and strategy.
• Impact the architecture function by influencing decisions through advice, counsel or facilitating services.
• Guide, influences and persuades others with developed communication and diplomacy skills.

Qualifications

Qualifications and Education:

• Strong understanding of cloud security architectures (i.e. AWS Well-Architected Framework, Google Cloud Security Command Centre).
• Knowledge of the Identity and Access management (IAM) security models of AWS and GCP.
• In-depth knowledge of cloud infrastructure and architecture (e.g. VPC, EC2, S3, Cloud Storage and Compute Engine.
• Familiarity with compliance and risk frameworks (NIST, ISO 27001, CSA STAR)
• Experience in business engagement for Information Security, Risk or Control & Compliance, IT Analysis / Design or Program / Project Management.
• Perform Information Security risk assessments and familiarity with Information Security Risk Governance.
• At least 2 years’ experience securing cloud environments particularly AWS and GCP
• Bachelor’s degree or higher (Computer Science or Cybersecurity preferred) or equivalent work experience.
• Industry certifications such as CISSP/CISM/CCSP are desired.
• Have good communication skills with the ability to articulate clearly in high stress situations.
• Self-starter with good problem-solving skills.
• Proven influencing and relationship management skills.
• Familiarity with IaC security (Terraform, CloudFormation)
• Advanced proficiency with Microsoft Office tools and software.
• Public Cloud Solution Architect or Security Certifications are plus (i.e. AWS Certified Solution Architect, GCP Professional Cloud Security Engineer)

Additional information

Annual Pay Range: USD 128,000 - USD 180,000

The range shown represents a grouping of relevant ranges currently used at Publicis Sapient.

The actual range for this position may differ, depending on location and the specific skillset required for the work itself. Benefits of Working Here: Flexible vacation policy; time is not limited, allocated, or accrued 16 paid holidays throughout the year Generous parental leave and new parent transition program Tuition reimbursement Corporate gift matching program As part of our dedication to an inclusive and diverse workforce.

Publicis Sapient is committed to Equal Employment Opportunity without regard for race, color, national origin, ethnicity, gender, protected veteran status, disability, sexual orientation, gender identity, or religion. We are also committed to providing reasonable accommodations for qualified individuals with disabilities and disabled veterans in our job application procedures.

If you need assistance or accommodation due to a disability, you may contact us at hiring@publicissapient.com or you may call us at +1-617-621-0200.