Cybersecurity Engineer

WHAT WE ARE LOOKING FOR

This role is an experienced Information Security Compliance subject matter expert who will take a lead role in improving our compliance and security program.  This position will focus on three areas: Audit/Compliance support, Vendor Risk Management and RFX (answering customer security questionnaires).  You will have excellent communication skills, a solid foundation in information security principles and an expertise in information security management systems as it relates to compliance with applicable frameworks.  Strong understanding of privacy laws and regulations like GDPR, CCPA/CPRA and other similar regulations.  This position reports to the Director of Platform Security.  

This opportunity is for you, if you are:

Excited to work across the many Tealium products and services

Empathetic, patient and passionate about helping Tealium improve its security posture

Constantly looking for security technological innovation opportunities

Driven to help customers accelerate their digital transformation

YOUR DAY TO DAY

• Support the maintenance of Tealium’s certifications: HIPAA, SOC2 Type 2, ISO 27001, ISO 27701, ISO 27018, TISAX Level 1

• Conduct Vendor Risk Management assessments of critical Tealium vendors

• Respond to customer information security RFX requests (security questionnaires)

WHAT YOU BRING TO TEALIUM

• You have 5+ years total experience in information security 

• You have 3+ years experience working with Cloud Hosting Environments such as AWS, Azure, GCP and others in a high traffic global business

• You have earned a bachelor’s degree in an Information Technology related field of study or equivalent experience; relevant, industry recognized security certification such as CISSP, CISA, CSSLP, or CRISC

• You have deep knowledge of information security principles and technologies such as Security Incident and Event Management (SIEM), intrusion prevention and detection (IPS/IDS), firewalls, proxies, web filters, email filters, web application firewalls, and end-point anti-virus, etc

• Familiarity with networking, operating systems, web applications, common techniques used by hackers/attackers and cloud technologies (i.e. IaaS, PaaS, SaaS) and cloud platforms (AWS, Azure etc)

• Experience with compliance frameworks such as SOX, HIPAA, SOC2, ISO 27001, ISO 27018, ISO 27701 are a must; familiarity with NIST 800-171 and 800-53, FedRAMP, HITRUST and PCI DSS is nice to have

• Excellent problem solving and analytical skills, as well as outstanding oral and written communication skills

• The ability to work in a fast-paced environment and the ability to deal with ambiguity

• Ability to handle multiple competing priorities and work well under minimal supervision