Description:
As a Staff, Enterprise Security at Epsilon, you will play a pivotal role in strengthening our enterprise security posture. You’ll be responsible for designing, implementing, and maintaining security solutions that protect our infrastructure, applications, and data. Your work will directly support Epsilon’s strategic goals and ensure compliance with regulatory standards.
What You’ll Achieve
- Design and deploy enterprise-grade security solutions to safeguard critical data and infrastructure.
- Provide architectural guidance on network security technologies (e.g., firewalls, IDS/IPS, WAF).
- Evaluate, recommend, and integrate security tools that deliver business objectives securely.
- Develop and maintain security standards and procedures to meet compliance requirements (e.g., GDPR, HIPAA, PCI-DSS).
- Identify and remediate vulnerabilities through risk-based analysis and mitigation strategies.
- Participate in security architecture reviews and contribute to the design of secure systems.
- Build strong multi-functional relationships to promote security awareness and collaboration.
- Partner with compliance teams to ensure alignment with internal policies and external regulations.
- Promote secure development practices within CI/CD pipelines and engineering workflows.
- Drive automation and process improvements to enhance security operations.
- Act as a liaison between technical teams and leadership to communicate security strategies and risks.
- Lead initiatives to embed security into the broader engineering ecosystem.
Who You Are
- What You’ll Bring with you:
- Bachelors or master’s in computer science or related Field.
- Minimum 8 years of hands-on experience in security engineering or related fields.
- Proven experience designing, deploying, and managing security solutions in diverse environments.
- Experience developing security standards and policies.
- Familiarity with regulated environments (e.g., PCI, HIPAA).
- Proficiency with scripting languages (Python, PowerShell, Bash, etc.).
- Experience using security assessment and asset management tools.
- Solid understanding of:
- Network security concepts and protocols
- Cloud security technologies
- Security architecture and frameworks (e.g., NIST, ISO 27001)
- Web application and API security
- Cryptographic principles
- Familiarity with secure software development practices.
- Experience with DevSecOps and CI/CD security integration.
- Knowledge of sophisticated persistent threats (APTs) and threat intelligence operations.
- Strong analytical and critical thinking skills.