Information Security Engineer

Nice Group Co., Ltd. - Hoboken, NJ

posted 3 days ago

Full-time - Mid Level
Remote - Hoboken, NJ
5,001-10,000 employees
Professional, Scientific, and Technical Services

About the position

The Information Security Engineer role at NICE is designed to support security stakeholders by addressing security and compliance requirements from customers. This engineering-focused position involves hands-on implementation and maintenance of technical controls necessary for compliance with frameworks such as FedRAMP. The role requires collaboration with various managers and stakeholders to ensure security measures align with company policies and compliance processes are followed correctly.

Responsibilities

  • Support security stakeholders by addressing security and compliance requirements from customers.
  • Answer data security questionnaires from existing customers or prospects.
  • Work on new requirements stemming from certifications such as FedRAMP.
  • Implement and maintain technical controls necessary for FedRAMP compliance.
  • Ensure security measures are applied according to company policies.
  • Configure integrations with new security tooling.
  • Ensure security log scanning automation aligns with FedRAMP requirements.
  • Prepare and send regular vulnerability and compliance scanning reports.
  • Develop a deep knowledge of the platform infrastructure, SDLC, and security policy framework.
  • Investigate and make recommendations to strengthen security posture across data, SDLC, and infrastructure.
  • Respond promptly to security-related questions or questionnaires from clients or prospects.
  • Communicate significant changes or developments in the tech security landscape to stakeholders.
  • Perform ad-hoc investigations into security issues impacting regulatory compliance.
  • Develop, track, and report on security metrics and KPIs for the platform.
  • Provide advice and support on security concerns to interested parties within the organization.
  • Collaborate with finance and stakeholders on the procurement of security-related software tools.
  • Identify and address security process or policy gaps related to compliance.

Requirements

  • 5+ years in a hands-on security or software engineering-related role.
  • Technical background with experience in compliance frameworks such as FedRAMP, NIST-800-53, ISO 27001, SOC 2 Type 2, PCI DSS, HIPAA.
  • Experience responding to data security questionnaires and ensuring compliance with industry standards.
  • Experience investigating and addressing software or infrastructure security issues with a focus on regulatory requirements.
  • Strong understanding of software development and infrastructure practices related to the SDLC.
  • Hands-on experience with security software and tooling supporting compliance efforts.
  • Proven ability to communicate security concepts to senior stakeholders in both written and oral form.
  • Understanding of relational databases and security best practices relevant to compliance frameworks.
  • Familiarity with ETL, data warehouse, and reporting systems and related security practices.
  • Knowledge of AWS services and security tools is advantageous.

Nice-to-haves

  • Experience with security tooling for compliance initiatives.
  • Familiarity with various compliance frameworks beyond those listed in requirements.

Benefits

  • Flexible work model with 2 days in the office and 3 days remote work each week.
  • Opportunities for internal career growth across multiple roles and locations.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service