Principal, Information Security-IND
Chennai, TN, India
Job ID: 51202
Description Ingram Micro touches 80% of the technology you use every day with our focus on Technology Solutions, Cloud, and Commerce and Lifecycle Solutions. With $50 billion in revenue, we have become the world’s largest technology distributor with operations in 64 countries and more than 35,000 associates. Position Summary: Design, install, manage, and implement business plans, policies and procedures to maintain systems, network, database and/or Web security; develop, implement, and maintain information security, including access management, vulnerability assessments, penetration testing, infrastructure, and regulatory compliance; responsible for reporting, investigation, and resolution of data security incidents; analyze business needs and oversee security architecture, administration, and policy planning to lessen possibility of security breach; recommend enhancements to plug potential security gaps. Prevent IT-based crime, hacking, intentional or inadvertent modification, disclosure, or destruction to an organization's information systems and IT assets and intellectual property including: Designing, testing, and implementing secure operating systems, networks, and databases; Password auditing, network based and Web application based vulnerability scanning, virus management, and intrusion detection; Conducting risk audits and assessments, providing recommendations for application design. Monitoring and analyzing system access logs; Planning for security backup. Provide guidance and direction on best practices for the protection of information; ensure compliance with regulations and privacy laws. May oversee internal or external systems security (e.g., cloud services).What you bring to the role:Recognized subject matter expert with specialized knowledge in the function. Manages large projects or processes. Limited oversight from manager. Coaches, reviews and delegates work to lower level professionals. Problems faced are difficult and often complex. Influences others regarding policies, practices and procedures. Provides solutions to a variety of advanced complex technical projects or business issues requiring state of the art technical or industry knowledge. May be the in-house expert on specific technologies or within the job function area. Complete understanding and wide application of advanced technical principles, theories and concepts in a specialized field. Possess broad knowledge of professional field and other related functions. Goals are provided to the incumbent in form of desired results. Determines and develops approach to solve functional area related issues. Possess the strongest of skills acquired through advanced training, study and experience. Four year college degree (or additional relevant experience in a related field). Minimum 8 years functional experience including a minimum of 5 years position specific experience. *This is not a complete listing of the job duties. It’s a representation of the things you will be doing, and you may not perform all of these duties.
9+ years of strong hands-on experience in digital forensics examinations and/or investigations using the EnCase tool.
- 5+ years of experience in law enforcement (deputized) investigations (fraud, counterintelligence, high-tech crimes, etc.).
- 5+ years of experience in interviewing after taking a Reid Technique class (or an equivalent) • Advanced knowledge and understanding in various disciplines such as security engineering, system and network security, authentication and security protocols, cryptography, and application security.
- Experience with cloud services. • Strong understanding of vulnerabilities, common attack vectors and has attacker mindset: the ability to think about creative threats and attack vectors. • Strong communication (i.e., written and verbal), presentation, teamwork skills and resourcefulness.
- Deep understanding of internals and constructs of modern operating systems. • Experienced with EnCase, FTK, X-Ways, Axiom, SIFT, Splunk, Elastic Stack, Redline, Volatility, WireShark, TCPDump, and open-source forensic tools.
- Proficiency with at least one interpreted programming language (Python, Ruby, etc.). • Relevant security certifications (EnCE, OSCP, OSCE, GPEN, GXPN, GREM, GNFA, GCFA).