Ingram Micro’s mission is to help businesses fully realize the promise of technology. No other company delivers the full spectrum and scale of global technology to businesses around the world. Ingram Micro’s global infrastructure and deep expertise in platform technology, cloud and mobility enable our customers to operate efficiently and successfully in an increasingly digital economy.
With the launch of our Global Cloud Marketplace, Ingram Micro Cloud is changing how business is done in the Cloud. We are a master cloud service provider (mCSP), empowering organizations to configure, provision and manage cloud technologies with confidence and ease.
The Cloud Security Team is seeking a talented individual with a strong security & compliance acumen and a can-do attitude who is ready to roll up their sleeves and get to work!
- Select, deploy, optimize security systems and tools to audit and monitor the environment and harden IMC’s security posture both on private and public clouds
- Lead security roadmap development in alignment with organizational priorities to define top areas of focus
- Actively monitor, research cyber security threats, always be up to date with a direct or indirect threat landscape that could impact business operations, or technology infrastructure
- Build data aggregation and security threat reports and presentations to raise cross-organizational awareness on the threat landscape, prevention/avoidance, risk, and remediation
- Work with team members and business stakeholders to ensure all stages of the Cybersecurity Incident Management Response are covered; Prepare, Detect, Contain, Investigate, Eradicate, Recover, Follow-Up
- Create, update, and maintain procedures, standards, and guidelines for secure design, implementation, and operation of information systems and services
- Complete required compliance and audit activities in support of the Governance, Risk and Compliance team
- Establish lines of communication to understand business needs, integrate the information security program within the organization
- Engage and negotiate with customers and partners on Data Privacy Agreement, Vendor Assessment to ensure alignment with security policies, compliance and regulatory requirements
This position is perfect if you have:
- Proven experience with security threat management including detection, prevention, remediation
- Experience leading, the selection, design and implementation of information security controls and tools
- Experience with DevSecOps processes, framework, and technologies
- Have a thirst and hunger for all that is security!
- Expert-level knowledge in one or more technical areas, product development, network/cloud security, malware detection/analysis, threat intelligence, cryptography, vulnerability management, incident response, forensics, social engineering, or hacking techniques
- Designing and implementing IDM solutions for internal and customer facing platforms
- Source code control and security best practices in a development environment
- Designing, implementing, and managing endpoint security controls and best practices
- Expert understanding of IT security industry standards (i.e., NIST; ISO-27001; SOC2 Type2)
- Familiarity with CSA (Cloud Security Alliance) standards and practices
- 5-7 years’ experience, in infrastructure engineering, IT and/or software development
- Artful communication skills and organizational savvy, to steer peers and leadership toward solutions that carefully balance business, risk, compliance, and engineering concern
- Implementation of intrusion detection, firewall policies and malware software
- Designing and implementing security policies and practices on Cloud environments including Azure, AWS, GCP
- Experience within a 24x7 production environment, preferably across multiple data centers and 3rdparty cloud environments
- Once or more of the following professional certifications in the security, privacy, risk management and audit areas highly desirable, such as: CISSP, CRISC, CISM, CISA, CCSP, PCIP, GCIT
Successful candidates will join an elite global team, that strives to innovate and automate, while contributing to a Centre of Excellence within the organization. If you are a talented, detail-oriented and enthusiastic security professional who is passionate about technology and working with high performing teams, this position is for you!