Senior Engineer, Information Security

YUM! Brands, Inc. AL (Alabama)
This individual will provide technical security expertise across a broad range of network infrastructure and business applications, its access and vulnerability management. Network infrastructure includes but not limited to wired, wireless, firewalls and routers. Candidate must have a broad range of technical knowledge and experience. This position is responsible for the design, oversight, and ongoing management of the information security tools, including procedures, technical systems and development of standards in order to maintain the confidentiality, integrity, and availability of data within all company information systems.

Ensures the delivery of exceptional customer service by insuring company systems, IT solutions, and data are secure. Being part of the team implementing tools, associated policies, procedures, and monitoring that will help to insure proper use and protection of company assets and data.

Candidate must ensure delivery of exceptional service by coordinating work efforts across larger enterprise personnel. Must possess high degree of self-sufficiency, ownership, and pride of deliverables. Works collaboratively and with diligence and urgency to complete task with quality. Good project delivery skills are absolutely essential. Responsibilities include but not limited:

* Provides Cloud Security Architectural advice and guidance related to all activities including Information as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) initiatives, projects, plans, and reviews with a specialized focus on Amazon Web Services (AWS) and Google Cloud Platform (GCP)

* Threat and Vulnerability management process oversight and communicate threat and vulnerability observations clearly to leaders and subject matter experts

* Participate in the Systems Development Life Cycle as a security liaison, recommending secure software, host and network designs that protect corporate information confidentiality, integrity and availability.

* Oversee vendor due diligence, questionnaires, contracts and onsite reviews.

* Partner with business and IT to ensure that risks are clearly articulated in a manner that is understood by business and technology audiences

* Initiate, facilitate, and promote activities to create information security awareness within the company.

* Familiar with Incident Response processes and incident response table top exercise.

* Develop security metrics and produce security reporting including dashboard.

* Investigate any misuse or improper actions relating to IT, security, or compliance activities.

* Supports internal and external audit activities and remediation requirements.

* Ensure the ongoing integration of information security architecture with business strategies and privacy requirements

* Research and implement new technologies as required to support the ever changing security landscape

* Provide technical security support to other I/T and business groups

* Perform technical security assessments to ensure proper working of tools and associated controls

Similar jobs you might like