Job details

Job Type

Full-time

Full Job Description

Overview:

When you think of InComm Payments, think of Innovative Payments Technology. We were founded 25 years ago and continue to be a pioneer in the payment (FinTech) industry. Since our inception, we have grown to be a team of over 2,500 employees in 30 countries around the world. We own over 386 global technical patents and a network that includes over 500,000 points of retail distribution that points to our industry expertise.

InComm Payments works with the most recognized and valued brands in the world, and we are partnered with most of the world’s leading merchants. InComm Payments is highly focused on our people and their growth, and we work hard to make a career at InComm Payments meaningful and rewarding. We value innovation, quality, passion, integrity and responsibility in all that we do, and we are looking for great people to join our team as we move forward towards a very bright future.

You can learn more about careers at InComm Payments here: www.incomm.com or connect with us on Twitter, Facebook, LinkedIn, or Our Blog.

Inside InComm from InComm on Vimeo.

About This Opportunity:

The Security Engineer II will be responsible for developing and improving security engineering and operations capabilities across InComm business units. This position must be well-versed in the current technical security landscape across application, system, and network layers, diligent in adhering to knowledge management practices, and intellectually curious to develop new skills with evolving technologies. A diverse background is value-add, since a variety of organizational sizes, technology stacks, and processes will be encountered across various business units and within the centralized security program of the InComm parent company.

Responsibilities:

  • Implement and tune log management technologies and SIEM alert logic.
  • Monitor security telemetry from application, system, and network log feeds.
  • Assist in migrating from current firewalls to standard NGFW platform.
  • Perform system hardening for new builds to include agent deployments and assessment of vulnerability and configuration state.
  • Review and advise of identified security gaps or concerns pertaining to new infrastructure or application build out.
  • Gather evidence, perform remediation, and support audit efforts.
  • Create and maintain documentation of security procedures.
  • Contribute to development and maintenance of Information Security Policies, Standards and Guidelines.
  • Think with a security mindset while successfully analyzing business risk and remediation effort, to prioritize efforts and projects and not impact productivity.
  • Partner with other leaders and business project sponsors to build consensus on project requirements, expected timelines, and service delivery goals as well as report on status and key project risks.
  • Communicate highly technical content to various audiences ranging from client engineers to executive management, including mixed audiences.

Qualifications:

  • Hands-on experience deploying and optimizing defensive security technologies at the system, application, and network layers.
  • Experience troubleshooting security technologies to identify root cause in failure conditions.
  • Intellectual curiosity for new technical security topics and systems thinking for reasoning about value across adjacent technologies and processes.
  • Experience performing risk assessments, making relative comparisons of risk severity, and influencing prioritization decisions for information security initiatives.
  • Knowledge of kill chain attack methodology.
  • Knowledge of cryptographic techniques, protocols, ciphers, and key management concepts.
  • Ability to automate simplistic and/or repetitive tasks with code.
  • Knowledge of kubernetes, cloud native architecture, and related security principles.
  • Experience reviewing indicators of compromise against observables generated from security tools.
  • Knowledge of the MITRE ATT&CK framework.
  • Experience performing security architecture review and evaluating trade-offs in design and deployment decisions.
  • Experience handling incidents and forensic data collection.
  • Experience consuming and/or producing deliverables such as gap analyses, RACI charts, data flow diagrams, process flow diagrams, and/or maturity scorecards.
  • Strong analytical skills.
  • Ability to communicate security and data governance related concepts to a broad range of technical and non-technical staff both verbally and in writing.
  • Ability to manage multiple tasks simultaneously and meet established deadlines.
  • Ability to collaborate with all IT teams on security-related incidents, tasks and projects.
  • Ability to work productively while remote and communicate effectively in a virtual team environment.
  • 5+ years IT experience
  • 2+ years Information Security experience.


Education & Certifications

  • A Bachelor’s degree in Information Security, Computer Science, Information Systems, or another related field is preferred, but not required.
  • A CISSP certification is preferred, but not required. Career development plan to include certifications upon hire.


InComm provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity or national origin, citizenship, veteran’s status, age, disability status, genetics or any other category protected by federal, state, or local law.

  • This position is eligible for the Employee Referral Bonus Program – Tier 4 – #LI-KJ1