Analyst, Information Security Engineer

***The salary range for this position is $90 - $97 per hour.***

***Please note, that all applicants applying for US job openings must be legally authorized to work in the United States.***

Our Customer is a consumer financial services company headquartered in Connecticut. The company offers consumer financing products, including credit, promotional financing, loyalty programs, installment lending to industries, and FDIC-insured consumer savings products through the consumer bank, its wholly-owned online bank subsidiary.

We are seeking an Analyst, Information Security Engineer on a contract basis to play a key role in safeguarding the organization's systems, networks, and data. The position is responsible for aiding in the design and build of Information Security capabilities, participating in the management of these capabilities, and supporting technology. In addition, this role will be responsible for acting as a trusted resource for other analysts in the organization.

This role is 100% remote with EST or CST hours preferred.

What You’ll Do:

• Implement and provide ongoing engineering/operational support for a global key management service using HashiCorp Vault and various security technologies
• Participate as one of several technical leads on the team of secrets management engineers
• Play a hands-on role in the engineering and implementation of security measures that protect the computer systems, networks, and information
• Aid in disaster recovery planning and operations and data backups when needed
• Provide day-to-day administration and support for infrastructure related to API, application security, firewalls, encryption, intrusion detection systems, PKI, secrets management, vulnerability scanning, security monitoring tools, penetration testing, authentication, web filtering, identity management, or access control systems, and their associated logs and processes
• Participate in authoring, editing, providing, or reviewing documentation (procedures, standards) to ensure a well-managed and mature security infrastructure
• Work closely with the Information Security program manager, scrum master, and architects to convey technical impacts to development/engineering timeline and risks
• Work independently in identifying opportunities to improve operational or other performance for Security, Information Technology, and other functions across the company
• Work with Information Security engineers and API developers to drive program delivery
• Work with Information Security leaders to drive secrets management development and standards across the organization
• Serve as subject-matter expert to other team members in the Information Security organization
• Perform other duties and/or special projects as assigned

Must Haves:

• 3-4 years of experience in Technology/Information Security
• Excellent oral communication and writing skills
• Adept and presenting complex topics, influencing and executing with timely/actionable follow-through
• Proficient hands-on technical expertise with API (Application Programming Interface), AWS, Cloudera, Docker, encryption, HashiCorp Vault, Java, Linux, Perl, PKI (Public Key Infrastructure), Protegrity, Python, secrets management, Thales/Vormetric, tokenization is strongly preferred
• Proven ability to organize/manage multiple priorities coupled with the flexibility to quickly adapt to ever-changing business needs
• Strong analytical and problem-solving skills with the ability to convert information into practical deliverables
• Ability to use rigorous logic and methods to solve difficult problems

Nice-to-Haves:

• Ability to successfully manage to work on multiple simultaneous projects
• DevOps and/or Engineering background
• Creativity and individual thinking, and the ability to work both with a team and unsupervised
• Familiarity with problem and incident management, change management, notifications, and basic operational understanding of running and maintaining infrastructure
• Good teamwork, oral and written communication
• Good understanding of the security landscape as a whole
• Strong and efficient problem-solving and analytical skills, willingness to learn
• Working experience in modern coding languages such as Python
• Working experience with CI/CD (continuous integration/continuous deployment) pipelines
• Working experience with encryption technologies
• Working experience with Jenkins
• Working experience with secrets management technologies
• Working experience with tokenization technologies
• Understanding of various cloud deployment/service models from a development, infrastructure, and information security aspect

Education:

• Bachelor's Degree in Computer Science/Engineering or related field preferred
• Certifications in audit, big data, cloud, cybersecurity, governance, information security, privacy, and risk preferred; AWS (Amazon Web Services), Cloudera, GCP (Google Cloud Platform), GIAC (Global Information Assurance Certification), ISC2 (International Information Systems Security Certification Consortium), or ISACA (Information Systems Audit and Control Association)

Hours & Location:

• M-F, 40 hours/week. This role will be 100% remote with EST or CST hours preferred.

Perks are available through our 3rd Party Employer of Record (Available upon completion of the waiting period for eligible engagements)

Health Benefits: Medical, Dental, Vision, Life (including spouse & child), 401k, STD/LTD, AD&D, and Commuter Benefits program.