Cyber Security-Engineer I - Bangalore, IN - FICO
Reporting to the Sr. Manager, Cyber Security Configuration Management and Vulnerability Management (CMVM) and Endpoint Operations, this role is responsible for managing corporate wide efforts in the areas of Endpoint Engineering and will work with stakeholders to understand threats unique to that functional area. This position will collaborate with technology, security, and product management groups across the corporation to drive successful execution of the endpoint security program to ensure an appropriate enterprise security posture.
General IT knowledge is required. A solid understanding of OS’s, IP networks, database, and application functionality are critical. This position should be able to participate in technical discussions with IT partners and have the ability to quickly understand the FICO Technology environment’s key applications.
- Collaborate with the Cyber Security Operations Team and Corp IT partners in workstation engineering to drive visibility of all aspects of the delivery of secure endpoints and associated applications.
- Provide expertise as an internal subject matter expert with respect to endpoint security, policy and decision-making processes to ensure alignment with FICO’s business model and enterprise risk strategy.
- Responsible for vulnerability management program and publishing security advisories, which include both externally and internally, reported vulnerabilities.
- Partner with IT, Security and product teams towards resolution and holding teams accountable to targeted project dates.
- Maintain and direct execution of the endpoint security solutions including the delivery of enterprise wide vulnerability assessments, management of communication and resolution of findings across the enterprise stakeholders.
- Establish and monitor the appropriate configuration standards, based on CIS, to ensure baselines are being met and compliance drift is managed.
- Continuous review of endpoint security posture inside the company and knowledge of all external developments that could impact the security posture, including vendor patches, zero-day exploits, end-of-life systems or deprecated services.
- Monitor activities of assigned partner areas to ensure compliance with internal policies and standards
- Participate in the development and implementation of new business initiatives involving security to ensure compliance with established policies.
- Provide guidance to business functions on security-related matters.
- Initiate improvement activity to reduce risk, ensure compliance, lower cost, and improve quality within IT processes.
- Conduct/support periodic risk assessments and develop appropriate mitigation plans in support of
- deliverables particularly for audit.
- Refine and revise existing policies and procedures to support internal and external compliance programs. Author new policies and procedures and ensure adequate training for adherence by employees.
- Support additional internal and external compliance activity as required.
- Regularly interact with all levels of management and peers with dignity, respect, and tact
- Bachelor's degree in Computer Science or related field nice to have; equivalent work experience is acceptable
- 2+ years’ experience in support of information technology teams/systems (MAC or Windows), networks, or related business processes
- CISSP,CISM, or another similar info security/IT certification is desired or the willing to pursue CISSP or CISM
- Demonstrates subject-matter expert level understanding in multiple IT, Security and Software disciplines.
- Ability to understand endpoint based Operating Systems
- Must be able to multi-task and keep track of large amounts of information across disparate systems.
- Ability to keep making progress and define future strategy/policy with regards to endpoint security.
- Adherent to ‘continuous monitoring’ and ‘continuous improvement’ thought process.
- Demonstrated technical security expertise in a variety of cloud platforms (preferred).
- Proven track record of decision-making and leadership with matrixed teams.
- Comfortable interfacing with other internal organizations regarding problems that must be addressed to enhance security posture.
- Ability to effectively translate and present solutions in business or management terms.
- Ability to work effectively in a team environment.
- Ability to work independently with minimal supervision.
- Experience with endpoint based security solutions such as anti-virus, web proxy, CMVM, IAM, etc