EBSCO Information Services, the leader in innovative digital content, is searching for a Senior Network Security Engineer. This engineer will help facilitate the transformation of all customer-facing services and web application development environments to our AWS public cloud offerings. EBSCO is migrating toward managing AWS Infrastructure as Code, and therefore, previous experience with AWS CloudFormation and/or Hashicorp Terraform is desired (our new reference architecture only allows changes via code without the need for routine manual changes).
- Engineer high availability and automated failover architectures
- Firewall Management (Traditional and WAF)
- Incident Support (Logs and Evidence Gathering, Analysis of Evidence, Remediation)
- Network design and optimization
- Load Balancing and Traffic Shaping, DNS optimization
- Customer-facing Service Delivery Network (SDN) Security Monitoring and Protection
- Customer-facing Web Application and Platform Architecture Security
- Network Security Architecture/Engineering
- Regulatory Compliance Engineering
- Cyber Threat Intel Management
- Cyber Incident Response Team (CIRT)
- Bachelor's Degree in technical or business discipline or equivalent experience
- 4-7 years of related IT security experience
- A solid understanding of securing AWS Public Cloud and Hybrid Cloud environments is highly desired.
- AWS-specific skills (Networking: Route53, Direct Connect, etc.) and (Security: WAF, Config, CloudWatch, etc.)
- Security Governance Certifications preferred (CISSP, CISM, CISA, CGEIT, CRISC)
- Strong understanding of the Agile Development Framework
- Strong, hands-on technical expertise in the areas of information security architecture, network access controls, Security Event Management, intrusion detection & remediation and perimeter security.
- Experience defining, implementing, and engineering network environments compliant with information security policies, procedures and standards.
- Conduct network security assessments and risk analysis.
- Experience in Healthcare Insurance Portability and Accounting Act (HIPAA)
- Child Online Privacy Protection Act (COPPA)
- General Data Protection Regulation (GDPR)
- Family Educational Rights and Privacy Act (FERPA)
- ISO 27001
- Service Organization Controls