Security Engineer II at arrivia
Do you want to help transform the travel loyalty experience for millions of travelers around the world? Do you want to work in a growing technology team that is building a high performance, scalable, and personalized travel platform? Our goal is to build and be the best travel content and fulfillment platform for our members.
As a Security Engineer you will help us enhance arrivia’s corporate and product security posture by hardening our system boundaries and help to keep us a few steps ahead of the bad guys. You will select, build, and advanced tooling to enable our workforce and services to operate in an efficient and secure manner. You will be the advocate of these best practices to foster a culture of security, mentor and train less experienced information security staff, and act as a force-multiplier within the organization.
What you’ll do:
- Provides hands-on information security technical services to teams of technical specialists working on the integration of shared, centralized and/or networked systems
- Provides technical assistance with the initial set-up, secure deployment, and proper management of systems that support information security including virus detection systems, endpoint detection and response, data loss prevention, network anomaly detection, cloud access security brokers, security information event management, and other security systems.
- Offers technical information security services to distributed personnel who are responsible for one or more information security systems; these people include network administrators, systems administrators, and database administrators
- Evaluates information system bug reports, security exploit reports, and other information security notices issued by information system vendors, government agencies, universities, professional associations, and other organizations, and as needed, makes recommendations to internal management and technical staff to take precautionary steps.
- Runs vulnerability identification software packages and related tools to immediately highlight errors in systems configuration, the need for the update of software with fixes and patches, and other security related changes.
- Compiles, maintains, and documents a collection of software that can trace the source of and otherwise investigate attacks on arrivia systems
- Acts as a technical resource on information security incident investigations and forensic technical analyses.
- Serves as an active member of the incident response team and participates in security incident response efforts by, among other things, having an in-depth knowledge of arrivia’s security systems, common security exploits, vulnerabilities, and countermeasures
Who you are:
- Bachelor's degree in MIS, Computer Science, Cybersecurity, or Engineering related field or a Minimum of 5 years in an IT or IT Security position
- 5+ years of experience in networking and/or security is required.
- Significant experience and technical knowledge in security engineering, security troubleshooting, system and network security, authentication and security protocols, cryptography, and application security.
- Significant experience with encryption standards such as AES, SSL, TLS.
- Significant experience with SIEM systems.
- Significant experience with network and web related protocols (e.g., TCP, UDP, ICMP, IPSEC, HTTP, HTTPS).
- Significant experience with incident management and threat remediation including threat analysis, isolation, identification, eradication.
- Strong understanding of ISO 27001/27701, HIPPA, PII and PCI security principles is a plus.
- Significant experience of Privileged Identity Management tools, principles, and leading practices including password/key vaulting technologies such as Microsoft PIM, CyberArk/Conjur, Thycotic Secret Server, etc.
- Strong understanding of current and emerging issues with technology issues including security trends, vulnerabilities, threats, and attacker tactics, techniques, and procedures
- Experience in developing or researching technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
- Ability to translate complex issues in technology to language understandable by a wide range of audiences
- Passionate about security; involved in the security community
- CCNP-Security or CISSP certification required.
- CISM or CISA is preferred but not required.
Who We Are:
Welcome to arrivia. We specialize in making brands better through the power of travel. With more than 55 years of combined experience, we’re a merger of three powerhouse brands (in case you’ve heard of us in the travel industry) combining ICE, SOR Technology and WMPH Vacations. With offices on both coasts of the US and around the world, we embrace diversity and a passion for travel across our global staff.
We’re focused on building a customer-first culture, fueled by the best travel experiences for all our members at every point in their journey. Grow with us, as we continue our path to deliver innovative solutions and take charge of change. The adventure is only beginning. We’re on a mission to help people around the world travel better and experience more. Our team members bring world-class skills to the table to create extraordinary memories for our partners and members.
Our Core Values:
Here at arrivia we…
- Stay Curious - Explore new challenges and make space to learn, grow and improve
- Keep it Real - Earn trust through open, honest and clear communication
- Own it - Seek ways to make an impact and take action.
- Win Together - Create a culture of connection and inclusion where everyone can be their best
- Exclusive Employee Travel Rates on Cruises, Resorts & Hotels, Tours, Car Rentals
- Medical Health Insurance
- Dental & Vision Coverage
- 401K Plan
- Long Term Disability & Life Insurance
- Pet Care Insurance
- Legal Insurance
- Flexible Spending Accounts (FSA)
- Employee Assistance Program
- Dedicated Employee Enrichment & Recognition Programs
- Special local, dining and merchandise offerings