IT Cyber Security Engineer
Kimberly-Clark Corporation
Argentina-Buenos Aires
hace 3 días

IT Cyber Security Engineer

Job Description

The IT Cyber Security & Assurance (CS&A) Security Engineer provides expertise on information systems security, purpose, plan and implementation and maintenance of security defenses that provide the best protection and value for the organization.

Assists with the creation of security architecture and implementation artifacts that fully integrate with Business, information technology initiatives and objectives.

A P3 level engineer is responsible for developing, articulating, and implementing knowledge in a holistic manner, across multiple mission-

critical categories and domains of Cyber Security. Some limited examples of engineering solution expertise include; but not limited to :

  • Web filtering technology
  • Network intrusion defense technology
  • End point monitoring technology
  • Data leak protection technology
  • Intrusion prevention technology
  • Firewalls technology
  • Security information and event management technology
  • Network tabs, traffic aggregators and filters technology
  • Identity management tools, AD, LDAP, web front end and virtualization technology
  • Cloud architecture, configuration and deployment technology
  • S / he must have cross-domain expertise in at least three of the core categories listed above. The skillset and ability to collaborate with domain experts to ensure cohesive, end-

    to- end security program maturity is paramount.

    This P3 level engineer is expected to partner with senior team members to, negotiate, and influence non-technical bodies (i.

    e. legal, compliance, finance, etc.) in order to gain approval to build and deploy proper solutions to safeguard KC’s people, data, and systems.

    The P3 engineer will be responsible for assisting in the lead of multiple architecture and delivery of projects representing strategy-

    shift and investments greater than $500,000 per initiative / strategy.

    This role is viewed as an expert in complex security environments, encompassing both business process understanding and technical expertise.

    The P3 engineer directly interfaces with senior engineers and at times may be asked to interface with leadership and business units to communicate capabilities in business and non-

    technical terms. S / he will develop solutions and strategy for CS&A to deliver the business’s desired results. The Engineer assists in developing of innovative technical solutions to, important, highly complex strategic operational goals.

    Is knowledgeable in industry best practices in their area of expertise and uses resources outside of KC to deliver solutions.

    ESSENTIAL FUNCTIONS :

    Has a broad depth and global impact / focus across the enterprise; including multiple functional and technical areas with wide range of complexity.

    Ensures architectural principles are applied to reduce risk and drives adoption and adherence to policy, standards and guidelines.

    Design and implement security technologies such as (1) cryptographic technologies used for non-repudiation and authorization, (2) access management technologies to protect access to Kimberly-

    Clark resources and (3) multi-tier cloud and on premise architecture to support high- availability / fault tolerance

    Work with Senior Engineers to effectively architect, design and translate objectives into tactical plans

    Assist with the development of strategy and execution plans for the digital landscape to enable Kimberly-Clark security to move from reactive to proactive / adaptive

    Contributes to the evaluation and selection of security software product standards

    Consults and shares knowledge across org; awareness of industry trends

    Operates as a focus for IT security expertise for the organization, providing guidance on the application and operation of specific / respective security controls

    MINIMUM REQUIREMENTS :

    Education required / preferred :

  • Bachelor's degree
  • Experience :

  • 7+ years information technology experience
  • 4-8 years of IT security experience in multiple domains with API, WAF, IAM, NAC, FW, Cloud, DLP, SSO, PKI, Gateway, etc.
  • Experience with data security technologies including Information Labelling, Rights Management and File Encryption
  • Preferred Experience

  • Experience collaborating with Enterprise, Application and Infrastructure engineers to identify, design, and implement highly complex, end-to-end solutions
  • Experience with consulting, guidance, architectural support for business- facing initiatives with demonstrated ability to work with and consult for non-
  • technical users and leaders

  • Experience writing security policies
  • Experience with governance, expansion and innovation on endpoint, network and identity automation and enhancements
  • Intermediate or better experience with scripting
  • Verbal and written fluency in English is mandatory
  • Ability to work in a virtual team which may work across distance (remote), cultures and time zones, in a matrix with multiple reporting lines, and may extend outside the K-
  • C organization including suppliers, partners and customers.

  • 7+ years’ experience with endpoint security technologies
  • 3+ years’ experience with cryptographic tools such as HSM and PKI
  • 3+ years’ experience with network security technologies
  • Certified Information Systems Security Professional (CISSP)
  • Experience with identity technologies such as SAML and ADFS
  • Skills / Competencies :

    Information security : Develops and communicates security policy, standards and guidelines. Contributes to the development of organizational strategies that address security control requirements.

    Identifies and monitors environmental and market trends and pro-actively assesses impact on business strategies, benefits and risks.

    Assist with the provision of authoritative advice and guidance on the requirements for security controls in collaboration with experts in other functions e.

    g. legal, technical support. Ensures architectural principles are applied during design to reduce risk and drives adoption and adherence to policy, standards and guidelines.

    Business Risk Management : Manages the implementation of organization-wide processes and procedures, tools and techniques for the identification, assessment, and management of risk inherent in the operation of business processes and of potential risks arising from planned change.

    Solution Architecture : Uses appropriate tools, including logical models of components and interfaces, to contribute to the development of systems architectures in specific business or functional areas.

    Produces detailed component specifications and translates these into detailed designs for implementation using selected products.

    Within a business change program, assists in the preparation of technical plans and cooperates with

    business assurance and project staff to ensure that appropriate technical resources are made available. Ensures that relevant technical strategies, policies, standards and practices (including security) are applied correctly.

    Build Trust : Possesses strong negotiation and influencing skills and can demonstrate the ability to deal tactfully and constructively with staff at all levels.

    Excellent communication skills both written and verbal. Able to communicate highly technical concepts to non-technical people.

    ORGANIZATIONAL RELATIONSHIPS / SCOPE :

    Role will report to a Senior Manager in the Cybersecurity and Assurance organization. Role will not have any direct reports.

    Key Interfaces :

  • Enterprise Architect
  • ITAS, GSMI & Infrastructure Solution Architects
  • Chief Information Security Officer (CISO) / Deputy CISO
  • External Interfaces :
  • Consultant
  • Consultant
  • 3rd Party provider
  • Cloud Service Providers
  • WORKING CONDITIONS : Travel may include approximately 15% of work time.

    Travel may include travel via aircrafts and motor vehicles to various locations, if applicable.

    DISCLAIMER : The above statements are intended to describe the general nature and level of work being performed by employees assigned to this classification.

    They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of employees assigned to this position.

    Global VISA and Relocation Specifications :

    Full time

    Inscribirse
    Añadir a los favoritos
    Eliminar de mis favoritos
    Inscribirse
    Mi Correo Electrónico
    Al hacer clic en la opción "Continuar", acepto que neuvoo recolecte y procese mis datos de conformidad con lo establecido en su Política de privacidad . Tengo derecho a darme de baja o retirar mi autorización en cualquier momento.
    Continuar
    Formulario de postulación