Security Engineer, Business Information Risk
Company: Audible
Location: Newark
Posted on: November 6, 2024
Job Description:
At Audible, we believe stories have the power to transform
lives. It's why we work with some of the world's leading creators
to produce and share audio storytelling with our millions of global
listeners. We are dreamers and inventors who come from a wide range
of backgrounds and experiences to empower and inspire each other.
Imagine your future with us.ABOUT THIS ROLEAs a Security Engineer
II at Audible you will advocate for information security throughout
all our software development and business processes. You will work
with other Security Engineers, Application Developers and System
Engineers to protect our customers and Audible's business.ABOUT THE
TEAMAudible Information Security team is looking for an experienced
Security Engineer to join our world class team. We are obsessed
with protecting customer trust. We are a hands-on team working to
protect our computer networks, servers, applications and data
assets. This role will be focused on managing risk across our
business functions.True to Audible's People Principles, we are
committed to the success of our people and supporting the
communities in which we work. Our leadership team is dedicated to
mentoring and coaching to help each individual identify their
career goals, flourish, and achieve their potential. Our
environment encourages everyone to participate. Our diverse team
depends on differing backgrounds and perspectives to foster robust
conversations that lead us to the right solutions for our
customers.As a Security Engineer, you will...
- Perform third party security risk assessment and due diligence,
including managing questionnaire response, evidence verification,
and report preparation.
- Assess and secure third-party integrations, services, solutions
and partnerships, ensuring controls are implemented to the highest
security standards.
- Assess, identify and develop recommendations regarding data
protection, insider threat, data sharing, identity and access
management.
- Execute internal security and confidential information usage
security assessments, audits, and investigations.
- Assess and prioritize security assessment findings and
recommend appropriate mitigations.
- Respond to security violations, vulnerabilities, and incident
detections.
- Provide guidance on risk, compliance, and policy to technical
and non-technical internal customers, including security training
and outreach to internal teams and external supply chain
partners.
- Apply your security and business knowledge to drive secure and
pragmatic improvements to Audible people, process, and assets,
while guiding technical trade-offs between short versus long term
security and business goals.
- Contribute to / provide feedback on the development of security
standards and control requirements.
- Strong organizational and communication skills, with a
demonstrated ability to work in a multi-tasking dynamic environment
while maintaining a high level of ownership and
accountability.ABOUT AUDIBLEAudible is the leading producer and
provider of audio storytelling. We spark listeners' imaginations,
offering immersive, cinematic experiences full of inspiration and
insight to enrich our customers daily lives. We are a global
company with an entrepreneurial spirit. We are dreamers and
inventors who are passionate about the positive impact Audible can
make for our customers and our neighbors. This spirit courses
throughout Audible, supporting a culture of creativity and
inclusion built on our People Principles and our mission to build
more equitable communities in the cities we call home.Minimum
Qualifications:- Bachelor's degree in computer science or
equivalent.- Experience with AWS products and services.- Experience
applying threat modeling or other risk identification techniques or
equivalent.- 5+ years of any combination of the following: threat
modeling experience, secure coding, identity management and
authentication, software development, cryptography, system
administration and network security experience.- Experience with
the information security principles and the Common Body of
Knowledge (CBK) domains and core technologies (CIA, encryption,
identity, authN/authZ, SSO, web protocols, and privacy).-
Experience in advocating security best practices for third party
integrations (e.g. with SAAS solutions, third-party libraries,
etc.).
#J-18808-Ljbffr
Keywords: Audible, Cherry Hill , Security Engineer, Business Information Risk, Engineering , Newark, New Jersey
Didn't find what you're looking for? Search again!
Loading more jobs...