Senior Information Security Engineer - Cardtronics Inc. Frisco, TX, USA Bookmark Share Print 830 1 14

Listing Description

As the global leader in ATM deployment and management, no one operates more ATMs in more locations than Cardtronics. Our processing network, service delivery platform, operational expertise and scale advantages are being leveraged for cost-effective expansion into new markets of opportunity through both organic growth and targeted acquisitions. Cardtronics puts a relentless focus on improving the productivity of our ATMs for the benefit of retailers, consumers and financial institutions alike.

At Cardtronics, we are Champions of Cash… because it matters. Our purpose-driven mission is to ensure cash remains accessible and viable in our markets around the globe. Cash is woven into the very fabric of society. Cash is… a good meal with friends, learning financial responsibility, giving, caring, durable, and so much more.

The Senior Cyber Security Engineer role is responsible for developing and maintaining systems and procedures used to identify and mitigate threats to the organization’s global enterprise and infrastructure. The incumbent will be a member of a team of cyber security professionals, developing policies and procedures, configuring and maintaining the security technologies and managing the global security enterprise platform. It includes integration of corporate controls into all Cardtronics environments. The Security Engineer will have a good balance of business and technical knowledge and will be comfortable across many disciplines of Information Technology and demonstrate a strong passion for Information Security.Essential Duties and Responsibilities:

Find security solutions that balance business requirements with cybersecurity needs and the design of the Cardtronics Global security infrastructure

Lead continuous improvement in company’s cybersecurity posture, such as SOP definition and improvements, training, and demonstrate best practices through hands-on involvement in all security related activities

Lead analysis and handling of security vulnerabilities and incidents and make recommendations to management for planning of infrastructure capacity and improvements

Perform threat and risk analysis and define mitigations in line with risk acceptance criteria

Design, implement and enforces security policies that protect systems and data from access by unauthorized users to systems, networks and data

Develop, evaluate and manage systems security across the enterprise, with areas of concentration that include account security management, network based and Web-application based vulnerability scanning, virus management and intrusion detection

Design, implement, and maintain infrastructure tooling to articulate security risks and recommendations not limited to the following technologies:

Enterprise Logging

Web/Email Filtering

Network Access Control

Intrusion Prevention System

Public Key Infrastructure

Automation/Orchestration

Cloud Security Infrastructure

Endpoint Protections

Develop, mature and maintain security architecture strategy, principles, models, standards, guidelines and configurations

Collaborate with Cyber Security team and other departments with diverse skill sets in making calculated risk-based decisions that will secure business operations

Develop and implement set policies and parameters to tune Cyber Security technologies

Develop and incorporate reporting measures to outline the effectiveness of the security measures globally.

Integrate architecture and system/network level controls for new and existing technologies.

Support development of Cyber Security controls to prevent, detect, or counteract risks.

Attend, Participate, and provide recommendations on technical projects as assigned.

Core Competencies and Skills:

Expertise in anti-virus software, intrusion detection, firewalls and content filtering

High level of proficiency insecurity concepts, risk assessment tools, technologies and methods

Expertise in designing secure networks, systems and application architectures

Expertise in anti-virus software, intrusion detection, firewalls and content filtering

Knowledge of risk assessment tools, technologies and methods

Expertise in designing secure networks, systems and application architectures

The IT security engineer should also have experience with and knowledge of:

Endpoint security solutions, including file integrity monitoring and data loss prevention

AWS and cloud platform as a service (PaaS) security

Automation and Orchestration technologies

Programming languages Python (preferred), JavaScript, PHP, SQL, C, C++

Ability to manage and communicate across all areas of the corporation.

Demonstrated ability to show initiative to drive progress and improvement

Ability to handle multiple task, prioritize and meet deadlines

Familiarity with regulatory and legal obligations.

Excellent written and verbal communication skills

Understanding of financial services industry and/or ATM industry.

Education and Experience:

Bachelor level degree in Business or Information Technology.

Industry level Cyber Security certifications desired. i.e. CISSP, CEH, SANS

Ten years of technical network, endpoint, and server security

Technical expertise in security-related hardware and software; ability to function as a consultant to other IT groups on security matters as a recognized technical expert and to lead teams in making sound risk-based decisions