Newegg Inc.

  • Manager, Information Security

    Job Location US-CA-City of Industry - HQ
    Posted Date 3 weeks ago(9/28/2018 12:38 PM)
    ID
    2018-4723
    Category
    Internal Audit
  • Purpose Of The Job

    Responsible to manage and lead Information Security team to preserve the availability, integrity, and confidentiality of Newegg’s information assets. Identify IT incidents and threats and ensure that they are properly identified, analyzed, investigated, reported, and remediated.

    Responsibilities/Duties

    • Establish and maintain information security policies, standards and procedures for the entire company relating to risk assessment, classification, prevention, protection and guideline of information.
    • Maintain compliance with laws and regulations (include, but not limited to PCI-DSS and GDPR). Institute information security education and awareness to improve security consciousness.
    • Plan and develop information security strategy, integral security architecture, and implementation of information security technology and management systems.
    • Facilitate control testing, event monitoring, vulnerability assessment, penetration testing. Manage remediation effort to correct identified security breaches and weaknesses.
    • Work with IT, MIS, HR, Legal, Finance, other department heads to ensure proper development, deployment, and administration of information protection mechanism.
    • Lead forensic analysis of security violations.
    • Other duties as assigned

    Minimum Requirements & Special Attributes

    • Bachelor’s degree in Computer Science, Engineering, or related field.
    • 8-10 years of experience in information security and Cyber Security related field.
    • Strong communication skills, both written and oral.
    • At least one security certifications is required (CISA, CISM, CISSP, CEH, GSEC, PCI-Professional).
    • Experience with Information Security scanning tools including, but not limited to, WhiteHat, Nessus, Qualys, Tenable, etc.
    • Experience with the following technologies: SIEMs, WAFs, IDS/IPS, APT, Anti-Malware, System/Network/Web application security testing (DAST), Statistic Application Security Testing (Code review), System
    • integrity monitoring, Data Leak prevention, Mobile device security, Windows and Linux security, Database security (SQL & Big Data), PKI, API security and Encryption.
    • Experience with web and mobile application design and languages including html, java script, java, c++, python, php etc.
    • Experience with Cisco/Netscaler devices (Firewall, IDS/IPS, wireless controller) preferred.
    • Experience with Cloud based solutions, Docker, and VM preferred
    • Strong communication skills, both written and oral, capable of working with cross functional technical and business units and various levels of management.
    • Knowledge of computer forensic tools and investigative methodologies.

    Essential Mental and Physical Functions

    Mental Functions:
    This position makes decisions on major operations of Information Security department. The job will
    contribute to important strategy, operational, and business decisions that affect the department.

    Physical Functions:
    Sitting required 90% of the time. Walking and standing required 5% of the time respectively. No heavy
    lifting required. Constant working on a computer.

    Equipment Used

    Standard office and computer equipment including MS Office software.

    Work Environment

    Office cubicle environment with minimal exposure to the environment or health hazards.

    Supervisory Responsibilities

    Up to two direct reports

    Language Skills

    Must be able to speak, read, write and comprehend English.

    Travel Requirements

    25% travel is required both domestically and internationally.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed