We are seeking a Security Engineer for 24x7x365 Operations Center. AXS provides the most state-of-the-art digital ticketing, event marketing, and relationship management applications to entertainment venues, artists, professional sports teams, universities, and arts organizations around the world, enabling clients to truly take ownership of their ticketing operations and build better relationships with their customers and fans. Qualified candidates will have experience in Cloud Security and have a background in Systems Engineering.
- Identify security issues and risks, and develop mitigation plans.
- Work with the team and QSA on PCI (level 1 & level 2 service provider) & SOC initiatives for the company.
- Architect, design, implement, support, and evaluate security-focused tools.
- Develop and maintain security policies and guidelines in AWS and in particular, Cloud Formation, CloudTrail, AWS Inspector, EC2, EMR, S3, Redshift, RDS, AutoScaling groups
- Develop security policies and procedures and lead their implementation from end to end
- Oversee threat management and security incident handling, including the coordination of investigations and reporting of security incidents to management, in alignment with business
- Proactively work with IT and business to identify security risks and implement practices that meet standards for information security.
- Design and implement controls to meet security and compliance needs.
- Partner with development and infrastructure teams to identify and remediate vulnerabilities
- Ensure that security is factored into the evaluation, selection, and configuration of hardware, applications and software.
- Coordinate security efforts with the development, systems, product and project teams.
- Provide support and guidance for legal and regulatory compliance efforts, including audit support
- Promote information security awareness throughout the company.
- Ensure audit trails, systems logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
- Stay current with security technologies and threats by monitoring vendor and industry publications and attending training.
- 3+ years of security and AWS experience
- Must have experience working within PCI data security & SOC standards
- Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus software, authentication systems, log management, web application scans, OWASP Top 10, SANS25, content filtering, office 365 DLP security etc.