Information Security Engineer

Company: Colfax Corporation
Location: Vista
Posted on: April 27, 2021

Job Description:

Job Description: The Information Security Engineer is responsible for protecting the confidentiality, integrity and availability of our DJO's Information Technology assets. This includes monitoring and security for, but is not limited to network equipment, servers, desktop and laptop computers, software and electronic information. PRINCIPAL JOB FUNCTIONS:

• Promote a security philosophy of risk mitigation practice through proactive security awareness training, cost effective security countermeasures, host-level security, and security planning/integration.
• Ensuring that corporate systems are safeguarded against malicious intrusions.
• Evaluate network architecture and hardware/software configurations for security vulnerabilities.
• Participate in the review and analysis of internal projects and external connectivity issues that may have an impact on security
• Build system baselines to be adhered to for all future build outs.
• Support corporate wide security monitoring
• Ensure currency and effectiveness of authentication, encryption, and intrusion detection methods.
• Coordinate with all concerned parties to ensure the currency of all security patches and updates, as well as anti-virus software.
• Conduct periodic network penetration tests, using either in-house or outside resources.
• Be aware of the IT security requirements for the business and implement measures to satisfy those requirements in the most efficient manner.
• Evaluate and conduct security assessments on all new third party solutions being acquired or utilized by the company. This includes assisting with requirements gathering, assessment, and recommendations towards
• Designing, implementing and maintaining network and computer security policies.
• Assess security posture for all systems including cloud and on premises environments.
• Assess the compliance of vendors based on the contractual agreement and where applicable, governing regulations or laws.
• In some cases, as Information Security Engineer you will be required to conduct on-site audits, which may include travel.
• Work as part of the overall Information Technology organization and collaborate actively providing input and guidance to the team with regards to security industry best practices.
• Have the ability to contribute and drive new ideas, solve complex problems, innovate processes and streamline methodologies to increase and improve information security posture of the organization.
• Assist in the research and recommendation of hardware and software solutions to augment or enhance existing compliance measures as needed OTHER JOB FUNCTIONS:
  • Research and recommend solutions to fulfill regulatory compliance requirements in our legacy on premise and cloud-based environments.
  • Contribute to new control design, risk assessments and control rationalization efforts for compliance and operational processes.
  • Collaborate with key stakeholders in Security, Internal Audit and our external auditors to deliver the successful execution of compliance.
  • Streamline and coordinate testing activities across multiple business units.
  • Provide consultation and advice to stakeholders on their SOX, GDPR, and additional compliance requirements and deliverables while providing best practice insight.
  • Develop, update and maintain compliance documentation covering all in scope systems and supporting technology.
  • Assist the Chief Information Officer with board, executive and management-level reporting metrics, materials and dashboards.
  • Review security audits and track and report all remediation efforts.
  • Keep abreast of emerging security technologies and make appropriate recommendations regarding their implementation.
  • Other duties may be assigned SKILLS, KNOWLEDGE AND ABILITIES REQUIREMENTS
    • Experience with information security policies, intrusion response procedures, disaster recovery procedures, risk analysis, and significant experience administering the operations of a complex security infrastructure.
    • Practical knowledge and experience with compliance and security framework standards such as SOX, PCI, SOC 2, NIST/CSF, CIS, ISO 27001.
    • Working knowledge of current and upcoming privacy regulations such as GDPR and LGPD.
    • Knowledge of cloud and SaaS solutions
    • Effective communication skills to translate technical risks and exposures to a business perspective - formal reports and/or presentations.
    • Strong analytical, troubleshooting & interpersonal skills
    • Strong verbal and written communication skills
    • Self-motivated and able to work independently
    • Self-Leading- Demonstrate ethics and integrity according to the company's principles and values
    • Must be customer focused, responsive, and take initiative in this role. EXPERIENCE AND EDUCATION
      • 6 + years of experience insecurity operations related role
      • BA/BS in related field preferred. Equivalent experience/certification acceptable.
      • CISSP or GSEC Certifications or able to achieve certification within 6-12 months
      • CEH Certification a plus ABOUT DJO GLOBAL DJO Global is a leading global developer, manufacturer and distributor of high-quality medical devices that provide solutions for musculoskeletal health, vascular health and pain management. Our products address the continuum of patient care from injury prevention to rehabilitation after surgery, injury or from degenerative disease, enabling people to regain or maintain their natural motion. Our products are used by orthopedic specialists, spine surgeons, primary care physicians, pain management specialists, physical therapists, podiatrists, chiropractors, athletic trainers and other healthcare professionals. In addition, many of our medical devices and related accessories are used by athletes and patients for injury prevention and at-home physical therapy treatment. Product lines include rigid and soft orthopedic bracing, hot and cold therapy, bone growth stimulators, vascular therapy systems and compression garments, therapeutic shoes and inserts, electrical stimulators used for pain management and physical therapy products. Our surgical division offers a comprehensive suite of reconstructive joint products for the hip, knee and shoulder. Our products are marketed under a portfolio of brands including Aircast, Chattanooga, CMF, Compex, DonJoy, ProCare, Exos, Dr. Comfort, DonJoy Performance and DJO Surgical. For additional information on the Company, please visit www.DJOglobal.com. DJO is a growing subsidiary of diversified technology leader Colfax Corporation EOE AA M/F/VET/Disability All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, religion, color, national origin, sex, protected veteran status, disability, or any other basis protected by federal, state or local laws.

Keywords: Colfax Corporation, Vista , Information Security Engineer, Engineering , Vista, California