AddressYou will be a true advocate for greater information security awareness and best practices throughout Edelman. This is an incredible opportunity to bring your skills and experience to a critical role within the industry’s largest communications marketing agency.
Responsibilities and Expectations (may include but not be limited to):
- Act as a hands-on technologist and subject matter expert in the design, coordination, technical evaluation, and integration of various IT security technologies around the globe.
- Process design, documentation, and operational hand-off of vulnerability scans, IDS alerts, SIEM Alerts, and other security logs while acting as top-level support.
- Drive, to completion, solutions to the most challenging technical issues for the department.
- Act as backup for web and application security penetration testing for internal, external, and client websites.
- Function as security subject matter expert and liaison to internal Edelman teams (both technical and non-technical) for relevant projects.
- Ensure that security configurations of key systems are properly implemented, monitored, and reported.
- Lead security investigations and provide forensics services in response to security incidents.
- Conduct risk assessments on new and existing technologies; perform reviews for new products.
- Develop technical security standards in support of information security policies and principles.
- Train other Security Team Members on processes, procedures, and technologies.
- Actively mentor other Security Engineers while assisting with problem resolution.
- Contribute to cost measurement initiatives and account for budget requirements for expanded capabilities.
- Assist the EVP, Information Security, Risk, and Governance with achieving the departmental goals (and in the absence of, drive):
- Define and manage overall IT security strategy & architecture
- Define the processes to identify various IT security concerns, gaps, and remedial actions to ensure the security of the business
- Identify, analyze, and evaluate business IT continuity risks to help prioritize and guide appropriate mitigation efforts
- Set IT Security Policies & Standards, drive IT Security Audits, assure Compliance & Governance
- Work closely with relevant client teams to ensure our engagements align with our internal policies
- Identify opportunities where we can advance our client offer using relevant technology
Key Measures of Success:
- RELENTLESS PURSUIT OF EXCELLENCE
- Become the ‘second-in-command’ for the Information Security team and a trusted advisor to the EVP, Information Security and Risk.
- Set an example of operational excellence and reasoned decision-making to other team members.
- FREEDOM TO BE CONSTANTLY CURIOUS
- Constantly test existing ideas and challenge the business to improve our security posture
- Highlight new industry developments or security issues that could impact Edelman.
- Pursue personal growth and educational development – both technically and as a manager.
- COURAGE TO DO THE RIGHT THING
- Seek out and highlight operational inefficiencies, question conventional thinking, and raise awareness of unidentified risks.
- Address security matters openly and honestly with the right balance between best practice and organizational sensitivity.
Basic Qualifications:
- At least 10 years experience in an IT discipline (Security, Application, Network, or Workstation/Server) designing and implementing a global enterprise environment.
- Bachelor’s degree in Computer Science or related discipline
- An individual without a degree must have a documented 15 years of experience with increasing responsibility.
Preferred Qualifications:
- Demonstrable IT industry education and/or continuous learning in technical and business fields. An ability to maintain current knowledge in technical fields is a highly desired skill.
- Excellent organizational and problem-solving skills; highly self-motivated and directed.
- Ability to explain complex problems and concepts to non-technical audiences in a clear and concise manner that focuses on business value.
- Expert-level experience with Operating Systems with a keen ability to apply this knowledge to Information Security fields.
- Ability to apply security principles to contract language and client security questionnaires.
- Knowledge of network engineering and local and wide area (LAN/WAN) technologies and topologies.
- Expert knowledge of Identity and Access Management design, including least privilege and administrative controls segregation configurations. Experience with or ability to adapt such knowledge to Azure Entra and enterprise resource planning applications such as Workday.
- Expert knowledge of several technical security solutions (i.e. Microsoft O365, IDS/IPS, secure remote access, authentication, traditional and next-gen firewalls, encryption, VPNs, SIEMs, application security, advanced malware detection, vulnerability management, and other relevant domains)
- Advanced knowledge and experience implementing current information security best practices in a large, global network (CIS, NIST, or ISO preferred).
- Ability to balance multiple projects / competing priorities simultaneously and maintain a collected demeanor in high-pressure situations.
Edelman is a global communications firm that partners with businesses and organizations to evolve, promote and protect their brands and reputations. Our 6,000 people in more than 60 offices deliver communications strategies that give our clients the confidence to lead and act with certainty, earning the trust of their stakeholders. Our honors include the Cannes Lions Grand Prix for PR; Advertising Age’s 2019 A-List; the Holmes Report’s 2018 Global Digital Agency of the Year; and, five times, Glassdoor’s Best Places to Work. Since our founding in 1952, we have remained an independent, family-run business. Edelman owns specialty companies Edelman Data & Intelligence (DxI) and United Entertainment Group (entertainment, sports, lifestyle).
For more information please visit: www.edelman.com Click here to view a short video about life at Edelman.
