Security Engineer, Business Information Risk
Company: Audible
Location: Newark
Posted on: November 7, 2024
|
|
Job Description:
At Audible, we believe stories have the power to transform
lives. It's why we work with some of the world's leading creators
to produce and share audio storytelling with our millions of global
listeners. We are dreamers and inventors who come from a wide range
of backgrounds and experiences to empower and inspire each other.
Imagine your future with us.ABOUT THIS ROLEAs a Security Engineer
II at Audible you will advocate for information security throughout
all our software development and business processes. You will work
with other Security Engineers, Application Developers and System
Engineers to protect our customers and Audible's business.ABOUT THE
TEAMAudible Information Security team is looking for an experienced
Security Engineer to join our world class team. We are obsessed
with protecting customer trust. We are a hands-on team working to
protect our computer networks, servers, applications and data
assets. This role will be focused on managing risk across our
business functions.True to Audible's People Principles, we are
committed to the success of our people and supporting the
communities in which we work. Our leadership team is dedicated to
mentoring and coaching to help each individual identify their
career goals, flourish, and achieve their potential. Our
environment encourages everyone to participate. Our diverse team
depends on differing backgrounds and perspectives to foster robust
conversations that lead us to the right solutions for our
customers.As a Security Engineer, you will...- Perform third party
security risk assessment and due diligence, including managing
questionnaire response, evidence verification, and report
preparation- Assess and secure third-party integrations, services,
solutions and partnerships, ensuring controls are implemented to
the highest security standards - Assess, identify and develop
recommendations regarding data protection, insider threat, data
sharing, identity and access management- Execute internal security
and confidential information usage security assessments, audits,
and investigations- Assess and prioritize security assessment
findings and recommend appropriate mitigations.- Respond to
security violations, vulnerabilities, and incident detections-
Provide guidance on risk, compliance, and policy to technical and
non-technical internal customers, including security training and
outreach to internal teams and external supply chain partners-
Apply your security and business knowledge to drive secure and
pragmatic improvements to Audible people, process, and assets,
while guiding technical trade-offs between short versus long term
security and business goals- Contribute to / provide feedback on
the development of security standards and control requirements-
Strong organizational and communication skills, with a demonstrated
ability to work in a multi-tasking dynamic environment while
maintaining a high level of ownership and accountabilityABOUT
AUDIBLEAudible is the leading producer and provider of audio
storytelling. We spark listeners' imaginations, offering immersive,
cinematic experiences full of inspiration and insight to enrich our
customers daily lives. We are a global company with an
entrepreneurial spirit. We are dreamers and inventors who are
passionate about the positive impact Audible can make for our
customers and our neighbors. This spirit courses throughout
Audible, supporting a culture of creativity and inclusion built on
our People Principles and our mission to build more equitable
communities in the cities we call home. - Bachelor's degree in
computer science or equivalent- Experience with AWS products and
services- Experience applying threat modeling or other risk
identification techniques or equivalent- 5+ years of any
combination of the following: threat modeling experience, secure
coding, identity management and authentication, software
development, cryptography, system administration and network
security experience- Experience with the information security
principles and the Common Body of Knowledge (CBK) domains and core
technologies (CIA, encryption, identity, authN/authZ, SSO, web
protocols, and privacy)- Experience in advocating security best
practices for third party integrations (e.g. with SAAS solutions,
third-party libraries, etc.)
#J-18808-Ljbffr
Keywords: Audible, West Orange , Security Engineer, Business Information Risk, Engineering , Newark, New Jersey
Click
here to apply!
|