| Location: | Cambridge, MA, US | Posted Date: | 2015-01-12 00:00:00.0 | ||
| Category: | Network Security | ID: | 13832 |
Overview:
About the Job
As a Senior Application Security Engineer in Enterprise Security Services, you will provide business and technical advice on a wide variety of information security issues, concerns, and problems. The Application Security Engineer makes sure that all business applications developed in-house or developed by outsiders on behalf of Akamai Technologies have adequate security control measures. Working on task forces and with other groups like Enterprise Architecture, Networking and Operations groups in the Information Systems Department, the Applications Security Engineer is an in-house subject matter expert who diligently assists with the improvement of security on information systems at Akamai. As a visible internal spokesperson of the Enterprise Security Services Department, you will be charged with gaining widespread support of and compliance with information security requirements.
About the Team
Akamai Enterprise Security Services is responsible for safeguarding the security of the business assets that make Akamai run. We engage with every Akamai organization in support of ongoing initiatives, ensuring security is injected throughout project and process lifecycles. We provide security architecture oversight and assist in the design and development of secure application capabilities and solutions, (b) investigate and provide mitigation strategies for security incidents, (c) conduct application security reviews and forensics analysis, (d) provide operational support to track, manage, and mitigate attack, malware and vulnerability events, and (e) build relationships with customers, industry and academia to enhance our brand.
Responsibilities:
* Provide security guidance and pragmatic solutions during project and / or product reviews ensuring that services approved are in compliance with Akamai’s Security Policies and Standards
* Participate in periodic information systems risk assessments including those associated with the development of new or significantly enhanced business applications
* Interpret information security policies, standards, and other requirements in light of specific internal information systems, and assist with the implementation of these and other information security requirements
* Perform code reviews and security tests for both internal and external applications, coordinating timely resolution of issues found
* Work with the Legal Department to ensure that contracts of products, platforms and applications have the necessary security input
* Stay informed about the latest developments in the information security field, including new products and services, through on-line news services, technical magazines, professional associations, industry conferences, training seminars, and other information sources
Qualifications:
Basic Qualifications
* Bachelor’s Degree in Science or Engineering or equivalent experience
* 5+ years of experience with information security principles and practices such as: access control, authentication, authorization, and audit
* 3+ years of experience with application-level vulnerability testing and auditing
* 3+ years of experience with network security engineering and/or analysis
* 3+ years of experience with SIEM and Log Management, VPN, PKI, 2-factor authentication, SAML, cryptography.
* 2+ years of development experience in C, C++ and / or Java
Desired Qualifications
* Proven ability to multi-task with a focus on tracking, results, and reporting
* Must be able to communicate clearly and effectively, both verbally and in writing
* Must be self-directed and detail oriented
* Scripting experience (e.g. Perl, Python, Regex)
* Knowledge of computer regulatory framework (such as ISO 27001, PCI DSS, or NIST 800-53)
* Active member of industry security working groups
* CISSP, CISM and/or SANS certification a plus
Other Information
* Is relocation available for this position: No
* Is US Citizenship required: No
* Is a Security Clearance Required: No
If yes, applicants selected will be subject to a government security investigation & must meet eligibility requirements for access to classified information.
About Akamai:
Akamai® is the leading content delivery network (CDN) providing cloud services that help deliver, optimize, and secure online content and business applications. At the foundation of Akamai solutions, the Akamai Intelligent PlatformTM enables unmatched speed, reliability, and security—backed by expertise and relentless innovation—to improve reach and invisibility across the web. Akamai removes the complexities of connecting the increasingly mobile world, supporting 24/7 consumer demand, and enabling enterprises to more securely leverage the cloud. To learn how Akamai is accelerating the pace of innovation in a hyperconnected world, visit www.akamai.com, and follow @Akamaijobs on Twitter.