Senior Cyber Security Engineer – Applications Security / Web Applications FirewallsJob ID 0816851 Date posted 10/05/2017
HSN’s Information Team is responsible for all security functions associated with Information Technology, including communications (voice and data), infrastructure, and policies and procedures within the enterprise. This team has the responsibility for enterprise-wide information security, compliance and privacy. This engineering role supports a secure network infrastructure with security controls for the perimeter, internal network, endpoints, cloud, and remote access.
- Support and manage all technical aspects of security controls for a multi-location environment.
- Evaluate, recommend, and justify appropriate commercial off-the-shelf products that support the security program requirements.
- Manage, maintain and monitor multiple security technologies.
- Ensure new system builds entail appropriate security packages, tools, logging and monitoring applications are configured properly.
- Communicate technical application security concepts to employees, including developers, architects, and managers.
- Work with development and QA teams to ensure the use of secure coding practices and verification methods.
- Participate in Application security testing to include source code analysis, dynamic application security testing using open source and commercial tools.
- Assess the security posture, develop risk profiles, specify security requirements, and identify mitigation measures to safeguard public facing Web applications.
- Implement and maintain intrusion detection and prevention systems.
- Support the Information Security Architect in design and management of a secure network infrastructure.
- Communicate with key groups (i.e. various lines of business and other technical teams) regarding potential threats and remediation efforts.
- Keep pace with emerging security threats, technologies, and systems.
- Develop and maintain operational documentation and procedures.
- Perform or coordinate penetration testing and Web application security assessment activities.
- Provide 24x7 operational support for escalations on a rotating basis.
At HSN, if you are Agile, Innovative, Pioneering, Dynamic, Boundaryless, Passionate, Customer-Centric, Collaborative, and Results-Focused, you will love it here!
- Bachelor's degree in Computer Science, Information Security, a related technical field or equivalent experience.
- 5 or more years of information security engineering, administration, and cyber threat research/analysis experience.
- 2 or more years of Web Application Firewall (WAF) experience.
(Candidates will be considered in totality of their skills and experience versus strict interpretation of “must haves.”)
Nice to Haves
- Relevant technical certifications (CISSP, OSCP, GIAC, CCNA/CCNP Security).
- Engineering and/or architecture experience with web applications, application stacks, web application firewalls, intrusion detection sensors, antimalware technologies, vulnerability scanning technologies, and APT prevention technologies.
- Knowledgeable on cyber threats relative to the retail industry.
- Experience in web application security testing and protection.
- Experience in conducting attribution analysis.
- Understanding of Technology Platforms (Windows, Open Source, Middleware Applications, Database Applications, Cisco, Adobe).
- Understanding of DDoS concepts, mitigation tools and techniques.
- Experience creating analytical reports for Leadership on complex criminal activity.
- Experience making effective presentations to all levels, including Senior Management.
HSN’s unique blend of Retail, Television and eCommerce create a one-of-a-kind working environment. Our employees enjoy a competitive benefit program including health and retirement plans, merchandise discounts, volunteer days, and more. We encourage growth and development across the company. Most importantly, we have fun. Follow HSN Careers on Facebook, Twitter and LinkedIn.
To learn more, visit https://jobs.hsn.com.
HSN is a leading interactive entertainment and lifestyle retailer, offering a curated assortment of exclusive products and top brand names to its customers. HSN incorporates entertainment, inspiration, personalities and industry experts to provide an entirely unique shopping experience. At HSN, customers find exceptional selections in Health & Beauty, Jewelry, Home/Lifestyle, Fashion/Accessories, and Electronics. HSN broadcasts reach approximately 90 million households (with live programming 364 days per year) and its website — HSN.com features more than 50,000 product videos. Mobile applications include HSN apps for iPad, iPhone and Android. HSN, Inc., founded 40 years ago as the first shopping network, is a wholly owned subsidiary of Liberty Interactive Corporation and is attributed to the QVC Group tracking stock (NASDAQ: QVCA, QVCB). For more information, please visit http://corporate.hsn.com/newsroom/, or follow @HSN on Facebook and Twitter.
The QVC Group consists of eight leading retail brands: QVC, HSN, zulily, Ballard Designs, Frontgate, Garnet Hill, Grandin Road and Improvements The QVC Group has 27,000 team members in the US, the UK, Germany, Japan, Italy, France, Poland and China. Visit the QVC Group webpage to learn more.