To improve application, system, and network security visibility and validation, responding to events as necessary within required timeframes.
This is an operational role that requires hands-on experience. Information Security Engineers may be called on to engage in a team effort together with other E&IT departments and non-IT business units. The duties require the consistent exercise of judgment and discretion, ability to work with limited supervision regarding technical issues and the ability to collaborate in technical efforts of a team to meet security project goals.
Required Knowledge, Skills, and Abilities (KSAs):
Working on problems involving enterprise security risks with minimal supervision.
Perform as a Subject Matter Expert in the realm of Information Security with cross-functional teams in the organization.
Document and assist in providing security advisories for staff.
Co-authoring information security policies and defining procedures to implement industry best practices.
Participating in projects to identify security issues proactively through analysis of network traffic, software and hardware testing, log review and consultation with users.
Conduct or collaborate on forensic examinations of digital records, logs, and other data.
Working with various corporate security systems
Work with IT End User Support staff in analyzing security-related events to assist with escalation decisions.
Participate in or coordinate security monitoring and incident response for ICANN systems.
Coordinate with vendors and external security teams to address security issues for external IT services and systems.
Evaluate the impact to the organization of current security advisories, publications, and trends.
Apply automation to simplify routine tasks.
Perform security reviews and provide insights throughout all phases of software development.
Proficiency in developing clear, concise and easy to follow documentation for security operations related procedures.
Scripting/programming skills such as shell scripting, Python, Perl.
Systems operation and administration experience with Linux, Windows Server, VMware and/or container
Respond to security events on a 24/7 basis if necessary
Collect, analyze and archive electronic and written records, digital media, notes, and other evidence
Identify ways ICANN can learn from security events and avoid repeat events
Subject Matter Expertise in at least 2 of the following areas, with the capability to acquire expertise in all:
Authentication and Authorization
User Behaviour Analytics
OS Security Hardening (Windows, Linux, MacOS, iOS)
Knowledge (or the capacity to quickly gain knowledge) of encryption theory and practice (e.g. TLS, HMAC, RSA, AES, PKI)
Network Security Monitoring
Log Management (SIEM)
Packet Capture Dissection
Web Application Security
Secure Coding Practices
Common Vulnerabilities and Mitigation
Vulnerability Detection and Management
Manual Attack / Defense Techniques
Passive Network Detection
Threat Modeling and Security Controls
Data Security/Privacy Practices
Other duties as assigned or requested
Able to travel internationally if requested
Desired Education and Experience Requirements
Bachelor's degree in Computer Science or IT or equivalent training and experience in Computer Science, Information Technology, with 3 - 5 years of related experience.
Professional certifications in Information Security, such as SANS GIAC certs or similar.
3 - 5 years of overall IT operational experience including, ideally, at least two years of security-related projects.
Strong written and verbal communication skills in English.