- Company:
Bose
- Location:
Framingham, MA
- Job Status/Type:
Full Time
Employee
- Job Category:
IT/Software Development
- Industry:
Electronics, Components, and Semiconductor Mfg
Retail
- Occupations:
Computer/Network Security
- Career Level:
Experienced (Non-Manager)
- Company:
Bose
- Reference Code:
12312BR
Sr. Information Security Malware Specialist
Requirements
As a member of the IT Security team, you will manage the proactive analysis to detect unauthorized system activity, errors, and threats.
Perform analysis of viruses, worms, Trojan horses, logic bombs, and other forms of destructive program code designed to disrupt business activities, gain unauthorized access to company data, and/or otherwise cause harm to the company's CI (confidential information ) and HCI (highly confidential information).
Conduct root cause analysis including reverse engineering, behavioral and code-based review, protocol analysis and debugging.
Research, defines, deploys, maintains and enhances the company's malware capabilities via policy, central and decentralized teams, technologies, and training programs.
Examine existing malware posture, and develop new technological approaches, as well as policies, processes and procedures, to reduce vulnerabilities (including early warning), maximize the efficiency and effectiveness of malware incident response, and minimize the business and IT impacts of malware-related incidents.
Ensure malware processes and procedures support global business and IT activities across global company locations.
Define and implements a global, 24x7 threat management capability.
Skills
Requires direct, hands-on activity during testing, benchmarking, and production rollout of complex and diverse technologies; researches current trends and emerging technologies that may impact the company.
Must be conversant in, and identify integration points with: SIM/SEM; log and monitoring management; IDS/IPS; firewalls; identity and access management; VPN; encryption; wireless communications; PKI; mail and mail alternatives; desktop and mobile computing controls; vulnerability scanning; heuristic scanning tools; external feeds and sources of alert notifications; early warning systems; CIRT capability deployment; forensic readiness; and internal/external content filtering and monitoring.
Must be able to manage the malware program to legal and contractual requirements.
Must be infosec-certified and accredited (CISSP required; CIPP, CPP, CISM and technology-specific certifications preferred).
Excellent verbal and written communication.
Excellent facilitation skills in both formal and ad-hoc situations.
Must have superb drill-down" capabilities in order to unravel complex technical issues.
Ability to determine innovative approaches to traditional information security issues.
Must be inquisitive, resourceful, and tireless in identifying and minimizing vulnerabilities and risk exposure.
The candidate must be a self-starter and display an intuitive, curious, and investigatory nature in identifying technologies used or being considered through the company. The ability to think out of the box" is essential as wide interpretation of issues affecting the company must be considered. The candidate must have a good rapport with business unit leaders and be viewed as a collaborative individual.
Education
Bachelor's degree required.
