Security Engineer

Description

Who We Are:

CrowdTorch is looking for talented individuals who are interested in starting their career helping us build and support mobile applications for some of the biggest events in the country including the ESPN X Games, New Orleans Jazz Fest, The BCS National Championship and the Kentucky Derby. We were recently acquired by Cvent - the world's largest event technology company - and together we build mobile apps that capture the excitement, shared community, brand and conversation around your event. We specialize in event applications, targeting music festivals, food and wine events, sports and racing leagues and conferences. The software we develop is available on Android and iOS.

international operations.

Job Description

We are looking for an information security professional seeking a unique position with meaningful growth opportunities. This is a hybrid, DevOps role, helping a critical development team write secure code, as well as owning monitoring and response of security-related events.

The Development-side of this position will provide security guidance and direction to a small and growing team of dedicated mobile application developers. You will not write code as much as you will develop coding methodologies and guidelines, implement secure coding practices, conduct code audits and reviews, and perform application security assessments – across native mobile applications as well as their underlying web infrastructure.

The Operations-side of this position will perform traditional, hands-on security operations activities, including application monitoring, incident response, security assessments and compliance. You will conduct day to day analysis of security events, researching their impact, determining their risk, and defining the response. The Security Analyst will leverage state of the art tools to include SIEM, web application firewalls, intrusion detection systems, vulnerability and compliance management software and various monitoring infrastructures to accomplish these goals.

This position is an excellent growth opportunity for an individual wishing to expand his/her information security skills in a fast-paced environment. This role is based in Austin, Texas, working directly with our CrowdTorch division on their native mobile applications and related web application infrastructure. As CrowdTorch grows and its information security requirements expand, this role may develop into greater leadership opportunities.

The ideal candidate will have a minimum of 4 years of relevant experience, deep knowledge of information security best practices, understanding of networks, operating systems, and native mobile applications, and familiarity with common techniques used by attackers and malicious code. A thirst for knowledge and the desire to continuously stay abreast of new developments in the dynamic security space is a must.

• Develop and instill secure coding practices
• Conduct code reviews and application security testing
• Monitor and report on network, system and application logs for security events
• Perform vulnerability assessments and reporting. Liaison with other departments within the company to ensure any new vulnerabilities are remediated in a timely manner
• Evaluate security products to ensure compatibility with information security success criteria
• Ensure compliance with security policy, including PCI and common data privacy standards

• At least 4 years of industry experience
• Understanding of TCP/IP, basic networking concepts and services such as DNS, SMTP
• Understanding of HTTP and typical web application architectures
• Understanding of native mobile application development frameworks
• Experience with assessment tools such as nessus, nmap, metasploit, paros, burp
• Understanding malware such as worms, virii, trojans
• Knowledge of of programming/scripting: Perl, python, ruby, java, shell scripting
• Knowledge of PCI and domestic and international data privacy standards
• Excellent problem solving and analytical skills, outstanding oral and written communication skills
• Self-motivation and the ability to work under minimal supervision are a must
• 4 year degree or equivalent experience; desired majors include Information Systems, Information Security, Computer Science, or Computer Engineering