Location: Base Camp – Remote
Location: Springfield, MO (Bass Pro Shops Base Camp)
POSITION SUMMARY:
The Information Security Engineer III is the senior IT security staff grade within the information security framework. The position requires expert level experience and certification in IT security, and will have an extensive background in core security areas including secure design and engineering, security analysis, incident management, security tools, policy, forensics and investigation, investigative and preventative controls, vulnerability assessment, penetration testing, ethical hacking, audit and compliance, security in layers, and core security techniques. The ISE III will work closely with other security and operational team members along with leaders in Information Systems, Legal, Human Resources and other business units to coordinate information security risk management activities including IT risk assessment, decision support and remediation planning, security program development, incident response, and security testing activities. In addition, the ISE III will assist in the assessment, monitoring, and reporting on compliance with regulations relating to information security including GLBA, HIPAA, SOX, PCI/DSS and state and federal laws. The ISE III will also support ISE I and EISM in the coordination and development and maintenance of information security policies and the information security awareness and training programs.
ESSENTIAL FUNCTIONS:
- Provides technical input for the design, deployment and operation of security management software and hardware devices including, but not limited to: Firepower Management Center, Sourcefire, ISE, and other Cisco security products. 30%
- Provides multi-domain expert level Information Security guidance and direction to business, IT, and audit and control organizations. 25%
- Provides information to security management in the maintenance, development and deployment of new and existing policies, processes and systems. 15%
- Supports EISM, ISE I, and ISE II in information security assessments or audits of internal networks and systems with the EISM. Document findings in written reports with recommendations for remediation. 15%
- Provides input for plans and helps coordinate technical security architecture, design and development. 15%
- ALL OTHER DUTIES AS ASSIGNED
EXPERIENCE/QUALIFICATIONS:
Minimum Degree Required: Bachelors Degree in Cyber Security or equivalent IT work experience.
Experience: 8-10 years
Qualifications: Multi-domain Security Experience – 8+ years
Multiple professional certifications in IT security and/or audit acquired or obtainable within 6mo’s Required
CISSP, CISM, CISA, GIAC, GSEC, CSSP, CCIE-Sec, CEH, PCI ISA, etc.
KNOWLEDGE, SKILLS AND ABILITY:
- Knowledge of HIPAA, GLBA and SOX legislation as it pertains to information security and data privacy laws.
- Strong knowledge, experience, and familiarity with standards based encryption practices such as PKI, PGP, SSL, etc.
- Intermediate to expert level experience in Cisco network security products.
- Familiarity and experience developing, writing, and enhancing enterprise grade security policy and procedure, effective analysis in reviewing current practices, identifying improved approaches, and proposing same.
- Ability to work with small teams of high-performance professionals with direct or indirect matrix relationships.
- Proven project and resource management skills.
TRAVEL REQUIREMENTS:
Possibility of infrequent traveling.
Bass Pro Shops is an equal opportunity employer. Hiring decisions are administered without regard to race, color, creed, religion, sex, age, national origin, ancestry, citizenship status, disability, veteran status, genetic information or any other basis protected by applicable federal, state or local law.
Cabela’s