Senior Security Engineer

Grant Thornton 7/11/2019 2:03:02 PM
JOB ID: 044133 Specialty:
Oakbrook Terrace, Illinois

   

DOWNLOAD PDF

 


Senior Security Engineer

About Grant Thornton International Ltd (GTIL)

Grant Thornton has set its sights on creating the next generation professional services organisation. The purpose of GTIL as set out by our global CEO, Peter Bodin, is to shape the future of the network through collaboration and innovation and to continuously bring an external, forward looking and global perspective to the network and its leadership.

Overall role purpose

Provide subject matter expertise and lead on information systems security matters, propose, plan, implement and maintain security controls and defences that provide the best protection value for the organization.

Main responsibilities

Take a leading role in securing the GTIL systems and data from potential threats or compromise
Provide support and consultation to all member firms across the globe on all matters related to security
Take the lead on managing managed services vendors to ensure best in class service delivery to GTIL and the member firms
Design and implement systems’ security controls, defences and capabilities
Design and implement processes to effectively execute the security and monitoring operations
Investigate security incidents and potential compromises to our systems and take actions to protect GTIL systems and data
Utilize forensic best practices to investigate and maintain evidence integrity
Review current security capabilities and provide advice on mitigating controls
Consult with IT projects to provide guidance on security architecture and security posture
Consult with member firms’ IT and non-IT staff to provide guidance and expertise on security matters.
Continually evaluate our systems exposure to existing threats
Consult and provide suggestions to management on security related matters
Stay informed and tuned to security industry trends, potential threats and vulnerabilities
Evaluate system changes across the organization to assess and document the security risk and impact
Review and document standards and procedures to maintain compliance.
Evaluate compliance with regulatory, legal and contractual requirements relative to systems capabilities
Provide security leadership, expertise and solutions on complex initiatives.
Capable of making independent decisions.
Mentors others and may represent management at times.
Takes a leadership role on highly complex projects and provides guidance to less experienced staff.

Communication

The job requires effective leadership, communication (verbal and written) and project management skills to work with various levels and divisions within the organization.
Strong organizational and communication skills
Ability to learn and adapt to a constantly changing technology and threat landscape.
This role is regularly engaged in complex technical discussions with other technical teams, this role is expected to provide clear guidance on the security aspects of those issues or projects.
This role is also engaged with business areas/users to consult on security related topics, this role is expected to provide clear guidance on those topics in a language that can be understood by non-technical staff.
This role scope of responsibility will extend to include member firms across the globe, communication and relationship building is a key requirement
This role is expected to make formal recommendations on security topics, those recommendations can influence management direction at all levels.
The security organization, represented by the security staff, including this role, are expected to communicate clearly at all levels of the overall GTIL organization and with member firms.
This role is expected to present information in writing, email, PowerPoint and other forms of documents.
This role is expected to work professionally with the various areas within GTIL and with member firms, as well as nurture and maintain a good working relationship with them.
This position will interact with multiple levels and roles within the organization and with external member firms. A senior level engineer is expected to apply different strategies to convince others to change their opinions or plans.
Takes a leadership role on highly complex projects and provides guidance to less experienced staff.
Manages project staff and/or implementation teams responsible for the design and analysis process and plays a contributory role when advanced skills are needed.

Decision Making

The security engineer provides input that can impact the systems budget as well as alterations to existing processes and procedures that encompass all users and departments within the organization.
Decisions are made on behalf of and impact across multiple departments; or across several divisions of a significantly large department.
Evaluate our current systems design and operational functions relative to the compliance requirements, when necessary, provide a risk level rating that can help determine the level of management required to accept the risk.
Evaluate Security Impact of changes to Information Systems and a commensurate risk rating.
Review various documents as needed to evaluate the risk and adherence to security best practices; provide feedback on risk level and alternative options.
Provide security best practice guidance on new systems being introduced to our environment.
Assess the need to investigate potential security incidents and the degree to which the investigation must happen.
Determine the need to escalate a security incident to management.
Field questions from all areas in IT and provide guidance on security best practices as well as risk levels associated with the various available options.
On occasion, you will be tasked with researching to understand and provide guidance on new and emerging technologies and how best they can fit into the GTIL environment.
Provides leadership, expertise, and solutions on complex initiatives and is capable of making independent decisions.
Uses GTIL practices, processes, procedures and systems to manage and simplify work and utilize resources efficiently.
Consistently applies knowledge of the organization’s mission, values and strategic goals to their work.
Primary contributor to the development of strategic initiatives

Qualifications

Education/qualifications

Bachelor’s Degree OR equivalent post high school education and/or work-related experience in Computer Science, Information Systems, or other Information Technology related field.
CISSP certification is required.

Experience

Minimum of 2 years in Information Systems plus 5 years working in Information Security OR a combination of relevant experience
Demonstrated expertise in at least 7 of the following areas:
Web filtering technology
Network Intrusion defense systems
End point monitoring
Data leak protection
Intrusion Prevention systems
Penetration testing
Firewalls
WAF
Vulnerability scanning tools
Security Information and Event Management
Network tabs, traffic aggregators and filters
Forensic investigations and relevant tools
Policies, standards, procedures and other forms of documentation.
Identity management tools, AD, LDAP, web front end and virtualization
Application code vulnerability scanning (dynamic & static) and application security
Cloud architecture, security controls, secure configurations and deployment.
User security training and awareness

Benefits:

Grant Thornton LLP promotes a nationally recognized culture of health and offers an extensive array of benefits to meet individual lifestyles. For a complete list of benefits, please visit www.gt.com.

Founded in Chicago in 1924, Grant Thornton LLP (Grant Thornton) is the U.S. member firm of Grant Thornton International Ltd., one of the world’s leading organizations of independent audit, tax and advisory firms. Grant Thornton has revenues in excess of $1.3 billion and operates 58 offices across the U.S., with more than 565 partners and 8,000+ employees.

Grant Thornton works with a broad range of publicly- and privately-held companies, government agencies, financial institutions, and civic and religious organizations. Core industries served include consumer and industrial products, financial services, not-for-profit, private equity, and technology. Grant Thornton focuses on serving dynamic organizations that pursue growth holistically — whether through revenue improvement, leadership, mission fulfillment or innovation.

It is Grant Thornton’s policy to promote equal employment opportunities. All personnel decisions, including, but not limited to, recruiting, hiring, training, promotion, compensation, benefits and termination, are made without regard to race, creed, color, religion, national origin, sex, age, marital status, sexual orientation, gender identity, citizenship status, veteran status, disability or any other characteristic protected by applicable federal, state or local law.






Requisition ID: 044133

Oakbrook Terrace, IL
Oakbrook Terrace, Illinois




APPLY TO THIS JOB