Conde Nast - Engineer IV - Security Engineering (10-15 yrs)

JOB DESCRIPTION :

Cond Nast is a global media company, home to iconic brands including Vogue, The New Yorker, GQ, Glamour, AD, Vanity Fair and Wired, among many others. The company's award-winning content reaches 84+ million consumers in print, 367+ million in digital and 379+ million across social platforms, and generates more than 1 billion video views each month.

The company is headquartered in London and New York, and operates in 32 markets worldwide, including China, France, Germany, India, Italy, Japan, Mexico & Latin America, Russia, Spain, Taiwan, the U.K. and the U.S., with local license partners across the globe.

The Cyber Security Team provides the security services that underpin Conde Nast's security posture and enhance the organisation's security profile. The Cyber Security Team is responsible for; Information Security and Cyber Risk management, Security Operations and the global SOC, Security Architecture, Application Security and Security Engineering.

This role sits within the Cyber Security team reporting into the Security Architecture and Engineering Manager and provides the team with security engineering expertise to ensure our various security tools, technologies and solutions are well placed, properly configured and finely tuned to provide the team with the visibility and data to allow us to proactively identify, respond to and mitigate threats and vulnerabilities.

This is a "lead" role, therefore the successful candidate will bring a high level of knowledge and experience from providing security engineering services into multi-disciplinary security teams. The successful candidate holder will manage our current security tooling and support the implementation of further security tools and solutions to defend against cyber attacks and other threats.

This successful candidate will also work with our infrastructure and networking colleagues to configure and tune the tools used by those teams, to ensure the SOC team receives the necessary logs, data and alerts.

You will continuously monitor and test our systems, making sure that our security defences are up to date and providing optimal performance.

The successful candidate will already be well embedded into the security engineering culture and will demonstrate full understanding of the landscape of tools, technologies and solutions that form the backbone of security management and will have held similar security engineering roles at large organisations.

You must have demonstrable expertise in identifying security gaps in our current toolsets and the placement to propose remedies that will enable us to leverage existing and new tools, processes and other technologies, to provide a dedicated integrated approach across our digital and enterprise environments.

To be successful you will have an understanding of Security Threat and Risk Assessment methods as well as experience of performing security architecture reviews and change management reviews, ensuring any impact to our security controls and risk posture is identified and considered prior to providing approval. The candidate should also have worked on PAM or IAM projects previously and have knowledge of mainstream Privileged Access Management solutions and Identity Access Management solutions.

Duties :

- Work with the Security Architecture team to develop, enhance and improve the Conde Nast's security solutions and tools.

- Administer, manage and maintain our CyberArk platform.

- Administer, manage and maintain our Vulnerability Management system used across regions.

- Perform ongoing administration, maintenance and development of our SIEM solution.

- Perform ongoing administration, maintenance and development of our InsightIDR solution, including the NDR Platform.

- Ensure our security tools provide actionable alerts and insights to our Security Operations Centre, enabling us to better detect and respond to threats.

- Review change requests that may have an impact on Conde Nast's security posture as part of the change review process.

- Work to implement technical security controls across our regions.

- Work closely with our Security Architect to ensure tooling is deployed as per the design, supporting the architect with the low level design where required.

- Lead the implementation of new solutions across our regions to ensure we deliver secure compliant security solutions.

- Assist with ensuring regions adhere to security policies which have been published centrally, where gaps exist, work with the architecture team to develop solutions to close these gaps.

- Work with our DevOps teams to implement security controls in the cloud environments used, such as AWS and Google Cloud Platform.

Required Skills/Experience :

Exp : 7 - 10 years, with at least 2 years experience in a lead/senior role

This role is central to the continuing changes and improvements that we are making in the way security is delivered at Conde Nast.

To be successful, the candidate will need to have and demonstrate an in-depth knowledge and experience of several of the following areas, along with a proactive focused attitude;

- Expertise in at least 3 of these domains :

1. Security Architecture and Engineering - min 5 years

2. Communication and Network security - min 5 years

3. Privileged Access Management - min 5 years

4. Identity and Access Management (IAM) - min 5yrs

5. Security Assessment and Testing - min 3 years

- Experience of implementing and maintaining Vulnerability Management solutions, as well as performing day to day administration.

- Experience of having implemented and maintained Rapid 7 InsightIDR.

- Experience with log management and/or SIEM technologies such as Splunk, InsightIDR NextGen SIEM etc.

- Experience of having worked with or supported CyberArk Privilege Cloud.

- Knowledge of Windows, Linux, Network, Firewall, NDR technologies

- Good understanding of Active Directory, DNS, LDAP and Okta (or other identity management provider)

- Understanding of security and compliance frameworks including NIST and PCI-DSS

- Ability to explain vulnerabilities to different audiences - technical and business.

- Experience of having managed and maintained XDR Platforms or solutions such as Sophos Intercept X, Crowdstrike, SentinelOne

- Experience of having managed and maintained Secure Cloud Network Analytics.

- Demonstrable experience of implementing, configuring and tuning security tools

- Thorough knowledge of the AWS service offerings.

- Knowledge of monitoring and verifying the implementation of IT security baselines within the IT organisation.

- Must have expert level knowledge and experience on the following IT security categories : Security Information and Event Management (SIEM), Network Detection and Response (NDR) and Vulnerability Management (VM)

- Proficiency in Python, Powershell, JavaScript or other scripting languages.

- Knowledge of cloud, containers, kubernetes beneficial

- Excellent communication and presentation skills

- Excellent written language skills

Primary Skills : Insight IDR including NDR (Network Detection and Response), Vulnerability Management (Rapid 7), SIEM (Security Information and Event Management ; Networking ; AWS

Secondary Skills : DMARC Solutions (i.e. OnDMARC ; Mimecast ; Dmarcian etc.) ; DLP Solutions (Google Workspace) ; IAM & PAM solutions (Identity & Access Management Solutions - Ping; Okta; CyberArk) ; Secure Cloud Analytics (Cloud NDR) ; EDR / XDR solutions

Educational Qualifications :

Any of the following certifications would be advantageous :

- Security Qualifications : CISSP, CISSP-ISSAP, TOGAF, Security +, AWS Certified Security; AWS Solutions Architect

- Networking qualifications : CCNA ; CCNP ; CompTIA Network+