Job Title: Senior Security Engineer
Location: Reston, VA / Remote
About This Role:
The Senior Security Engineer plays a strategic role in defining and implementing the organization's security strategy, architecture, and practices. The security engineer will collaborate with a diverse set of stakeholders, including Engineering, DevOps, Infrastructure Engineering, Security, Compliance, Privacy and Data Governance. The senior security engineer will be required to effectively translate business objectives and risk management strategies into specific security processes enabled by security technologies and services.
What You'll Do:
- Research, evaluate, recommend, and implement security solutions, standards, and best practices to protect Comscore’s business from potential threats.
- Conduct security risk assessments of cloud and internal systems, applications, and IT infrastructure as part of the overall risk management practice of the organization.
- Conduct vulnerability assessments and other security reviews of systems, and prioritize remediation based on the risk profile of the asset.
- Review and assess security and infrastructure logs for indicators of compromise (IOCs) or other anomalous behavior within networks, applications, or users.
- Conduct code reviews to determine security flaws or other issues that would impact the confidentiality, integrity, or availability of systems.
- Coordinate with DevOps teams to educate on and advocate for secure coding practices.
- Support the testing, validation, and improvements of internal security controls.
- Assist with penetration testing and other "red" team exercises.
- Develop recommendations and standard to protect cloud environments. Conduct periodic audits.
- Establish incident response playbooks and procedures.
- Monitor security vulnerability information from vendors and third parties.
What You'll Need:
- Bachelor's degree in security, software engineering, information systems, or equivalent work experience
- 5 years IT security, DevOps, and/or network security experience
- Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management
- Knowledge of security-related solutions, such as Next-Generation Firewall, Endpoint Detection and Response (EDR), Intrusion Detection/Prevention (IDS/IPS), Security Incident and Event Management (SIEM), Web Application Firewall (WAF), Denial of Service (DOS), Data Loss Prevention (DLP), Cloud Security Access Broker (CASB), Data Encryption, Application Security Testing (DAST, SAST, OSA), Identity and Access Management (IAM)
- Proficiency in AWS architecture and CLI. At least two years of experience working with Amazon Web Services
- Proficiency in scripting languages (Python, Perl, Powershell, etc)
- Proficiency in API integration or development is a plus
- Experience in pentesting and application security testing
- Knowledge of network infrastructure, including application delivery controllers, load balancers, routers, switches, firewalls, and associated network concepts and protocols.
- Experience with common information security management frameworks, such as ISO 27002 and National Institute of Standards and Technology (NIST) frameworks.
- Experience with Dev Sec Ops practices is a plus
- Strong written and verbal communication skills
- Strong analytical and problem-solving skills
- Continuous improvement mindset
- Strong team-oriented interpersonal skills
- Strong customer/client focus, with the ability to manage expectations, provide a superior customer/client experience and build long-term relationships.
- Ability to work well under minimal supervision.
- Industry Certifications (e.g. CISSP)
At Comscore, we’re pioneering the future of cross-platform media measurement, arming organizations with the insights they need to make decisions with confidence. Central to this aim are our people who work together to simplify the complex on behalf of our clients & partners. Though our roles and skills are varied, we’re united by our commitment to five underlying values: Integrity, Velocity, Accountability, Teamwork, and Servant Leadership. If you’re motivated by big challenges and interested in helping some of the largest and most important media properties and brands navigate the future of media, we’d love to hear from you.
Comscore (NASDAQ: SCOR) is a trusted partner for planning, transacting and evaluating media across platforms. With a data footprint that combines digital, linear TV, over-the-top and theatrical viewership intelligence with advanced audience insights, Comscore allows media buyers and sellers to quantify their multiscreen behavior and make business decisions with confidence. A proven leader in measuring digital and set-top box audiences and advertising at scale, Comscore is the industry’s emerging, third-party source for reliable and comprehensive cross-platform measurement. To learn more about Comscore, please visit Comscore.com.
EEO Statement: We are an equal employment opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, national origin, sex, disability status, sexual orientation, gender identity, age, protected veteran status or any other characteristic protected by law.
To comply with federal law, Comscore participates in E-Verify. Successful candidates must pass the E-Verify process after hire.