Senior Cyber Security Engineer – Applications SecurityJob ID 0816851 Date posted 10/05/2017
HSN’s Information Team is responsible for all security functions associated with Information Technology, including communications (voice and data), infrastructure, and policies and procedures within the enterprise. This team has the responsibility for enterprise-wide information security, compliance and privacy. This engineering role supports a secure network infrastructure with security controls for the perimeter, internal network, endpoints, cloud, and remote access.
- Support and manage all technical aspects of security controls for a multi-location environment.
- Evaluate, recommend, and justify appropriate commercial off-the-shelf products that support the security program requirements.
- Manage, maintain and monitor multiple security technologies.
- Ensure new system builds entail appropriate security packages, tools, logging and monitoring applications are configured properly.
- Communicate technical application security concepts to employees, including developers, architects, and managers.
- Work with development and QA teams to ensure the use of secure coding practices and verification methods.
- Participate in Application security testing to include source code analysis, dynamic application security testing using open source and commercial tools.
- Assess the security posture, develop risk profiles, specify security requirements, and identify mitigation measures to safeguard public facing Web applications.
- Implement and maintain intrusion detection and prevention systems.
- Support the Information Security Architect in design and management of a secure network infrastructure.
- Communicate with key groups (i.e. various lines of business and other technical teams) regarding potential threats and remediation efforts.
- Keep pace with emerging security threats, technologies, and systems.
- Develop and maintain operational documentation and procedures.
- Perform or coordinate penetration testing and Web application security assessment activities.
- Provide 24x7 operational support for escalations on a rotating basis.
At HSN, if you are Agile, Innovative, Pioneering, Dynamic, Boundaryless, Passionate, Customer-Centric, Collaborative, and Results-Focused, you will love it here!
- Bachelor's degree in Computer Science, Information Security, a related technical field or equivalent experience.
- 5 or more years of information security engineering, administration, and cyber threat research/analysis experience.
(Candidates will be considered in totality of their skills and experience versus strict interpretation of “must haves.”)
Nice to Haves
- Relevant technical certifications (CISSP, OSCP, GIAC, CCNA/CCNP Security).
- Engineering and/or architecture experience with web applications, application stacks, web application firewalls, intrusion detection sensors, antimalware technologies, vulnerability scanning technologies, and APT prevention technologies.
- Knowledgeable on cyber threats relative to the retail industry.
- Experience in web application security testing and protection.
- Experience in conducting attribution analysis.
- Understanding of Technology Platforms (Windows, Open Source, Middleware Applications, Database Applications, Cisco, Adobe).
- Understanding of DDoS concepts, mitigation tools and techniques.
- Experience creating analytical reports for Leadership on complex criminal activity.
- Experience making effective presentations to all levels, including Senior Management.
HSN, Inc. (Nasdaq:HSNI) is a $4 billion interactive multichannel retailer with strong direct-to-consumer expertise among its two operating segments, HSN and Cornerstone. HSNi offers innovative, differentiated retail experiences on TV, online, via mobile devices, in catalogs, and in brick and mortar stores. HSN, a leading interactive multichannel retailer which offers a curated assortment of exclusive products combined with top brand names, now reaches approximately 94 million homes (24 hours a day, seven days a week, live 364 days a year). HSN.com offers a differentiated digital experience by leveraging content, community and commerce. In addition to its existing media platforms, HSN is the industry leader in transactional innovation, including services such as HSN Shop by Remote®, the only service of its kind in the U.S., the HSN Shopping App for mobile handheld devices and HSN on Demand®. Cornerstone comprises leading home and apparel lifestyle brands including Ballard Designs®, Frontgate®, Garnet Hill®, Grandin Road®, and Improvements®. Cornerstone distributes approximately 325 million catalogs annually, operates five separate digital sales sites and operates 14 retail and outlet stores.