Principal Information Security Engineer
At Nuance, we empower people with the ability to seamlessly interact with their connected devices and the digital world around them. We are creating a world where technology thinks and acts the way people do by designing the most human, natural, and intuitive ways of interacting with technology.
Our nimble technology uses analytics and advanced algorithms to transform the inanimate into animate and reduce complicated processes into simple ones.
Join our Mobile team…intelligent systems now ready for the road. We are passionate about developing intelligent interfaces that enable people to talk to their cars, phones, devices, and other smart “things”.
Nuance seeks an experienced Information Security Engineer to develop and contribute security standards, architecture/design criteria and solutions for all product/platform components in all stages of the software development lifecycle of its Mobility Division.
This role will work alongside development, operations, professional services and management to establish “security-in-design” and ensure the confidentiality, integrity and availability of Mobility’s applications and customer-, employee- and company proprietary- data.
The individual will lead the division’s efforts to prepare for security incident response, including alerting and detecting capabilities through security tools such as SIEM, Event Correlation, File Integrity Monitoring, IPS/IDS, AV/AM, Netflow, etc., and improvements to the Event Management and Incident Handling processes for the division.
This role serves as the Security Incident Manager, coordinating investigation, remediation and communications pursuant to the division’s Incident Handling process.
- Develops and contributes security standards, architecture/design criteria and solutions to support division programs and initiatives, customer requirements and the implementation of ISO 27001 and CSC information security controls.
- Understands customer and business requirements to provide information security design/solution options for division architects, engineers, operations and professional services.
- Leads and improves the division’s capabilities to detect and alert on security events and incidents through constant incremental improvement to the business rules, queries, filters, correlation and alert criteria among relevant security tools/systems. Work with asset and data owners, process owners (NOC/SOC) and managers for relevant and useful security event alerting/reporting.
- Identifies appropriate platform and application logging and triggers at design phase to support advanced fraud and cyber detection use cases. Integrates appropriate systems and logs into the security information and event management system to properly protect critical assets. Designs, tests and develops specific content and alerting to identify threats against critical assets.
- Drives improvements to the division’s processes and procedures for Event Management and Incident Handling for security events and incidents. Updates incident response procedures for new threat content and alerts.
- Serves as Security Incident Manager, coordinating investigations, forensics, remediation among 3rd and 4th level support and oversees communications with internal and external parties. Escalates and invokes Nuance’s Cyber Incident Response Team (CIRT) as appropriate.
- Liaises with Corporate Security on security operations and security tool/system requirements, design and deployment and with Legal, Human Resources, Privacy and other internal and external departments as security incidents merit.
- Develops and reports on key activity- and performance indicators concerning Security Events and Security Incidents for the Division.
Number Of Years Of Work Experience:
- Minimum five (8) years of experience in network, infrastructure, OS, or software engineering
- Minimum of five (5) years of experience in information security
- In-depth knowledge of IT organization end-to-end areas and functions
- In-depth technical capabilities and professional knowledge of IT and Information Security
- Strong understanding of network security, systems security, and application security
- CISSP, CISM or similar information security credentials
- Understanding of the information security vendor landscape
- In-depth knowledge of at least three: networking, infrastructure, operating system, database, application, and web services employed in platform- and software- as a service
- Solid understanding of systems and tools required to provide configuration and patch management; asset management, and monitoring in a large scale hosting environment
- Experience with security related technical tools (Palo Alto, Tripwire, Splunk, ELK) and processes
- Strong analytical and problem solving skills
- Ability to work both independently with sole responsibility, and as part of a team to deliver quality work product in a timely fashion in a fast-paced environment
- Ability to communicate effectively with peers across divisions
- CCNA, MSCE and other such credentials
- Linux and Windows Operating System Administration
- Access Control technologies; LDAP, Active Directory and Identity & Access Management
- MS Azure and Amazon Web Services
- PKI and Key Management
- Bachelors Degree in Computer Science, Engineering, or Information Technology field
- Masters Degree in related field a plus
Nuance offers a compelling and rewarding work environment. We offer market competitive salaries, bonus, equity, benefits, meaningful growth and development opportunities and a casual yet technically challenging work environment. Join our dynamic, entrepreneurial team and become part of our continuing success.
Nuance Communication Inc. is an equal opportunity employer. We evaluate qualified applicants without regard to race, age, color, religion, sex, national origin, disability, veteran status, gender identity, sexual orientation and other legally protected characteristics. The EEO is the Law poster and its supplement is available here.If you need a reasonable accommodation because of a disability for any part of the employment process, please call 781-565-5000 – Human Resources Department and let us know the nature of your request and your contact information.
We believe in the power of intelligent systems and what that power can do for you. Together, our innovations in voice, natural language understanding, reasoning and systems integration create more human technology – technology that adapts to you instead of you having to adapt to it. We power flagship devices and solutions from the likes of Samsung, will.i.am, Ford, and Domino’s. With nearly 20 billion cloud transactions last year alone, chances are you’ve already experienced our technology –at work, in the car, on your phone, or at the doctor’s office. See how Nuance technology is transforming your daily life.
voice recognition, natural language understanding, health information technology, clinical language understanding, voice biometrics, document imaging, print management, connected car, wearables, software, text-to-speech, chatbots, call center solutions
Company Type: Public Company
Company Size: 10,001+