Workhuman

  • Senior IT Security Engineer

    Job Locations
    IE-Dublin
    Category
    Information Technology
    Type
    Permanent Full-Time
  • The Opportunity

    The IT Security Engineer’s role is part of the team reporting to the Information Security & Compliance Officer.  This team manages all technology-related security and compliance issues across the organization including information security, privacy, disaster recovery, business continuity, supplier reviews, user access and data integrity.  

     

    The Information Security & Compliance team works closely with Sales, Customer Success and Legal departments on IT Security related matters in the areas of Customer / prospect review, audit and RFPs.   

     

    The team also works closely with the technology and development teams on the implementation of policies, procedures and controls to ensure that the organization's practices remain compliant with industry best practice standards. 

     

    The team implements and manages security technologies that help maintain and raise the overall security posture of the organization while providing assurance to senior management and customers.  

    Responsibilities, Skills & Qualifications

    The value you will deliver: 

    • You will work with the Sales, Customer Success and RFP support teams on issues relating to Information Security in response to both Customers and Prospects evaluation of Workhuman. 
    • You will manage the Third Party / Supplier review program ensuring that all new suppliers / potential suppliers meet minimum security standards and work with existing suppliers to improve their Information Security stance.  
    • You will work with internal communications / HR staff to develop, plan, implement and delivery ongoing Information Security awareness and privacy training across the organization including the development of metrics
    • You will develop and implements a program of reviews / measurement to provide assurance of compliance with policy (to include application / system reviews, User access reviews, Firewall rules reviews etc.) 
    • You will create and rollout appropriate Information Security / IT policies as required. Review existing policies and their implementation. 
    • You will add you voice to the identification and documentation of Risks and where necessary the development and management of mitigations 
    • You will work with and guide business areas on the development and testing of practical BCP plans for each department 
    • You will provide technical input to all implementations / development solutions ensuring industry best practice standards are adhered to by all
    • You will work with the teams to implement a meaningful set of monitoring / metrics from IDS / File integrity checking / Logs to ensure good visibility of network activity. Refining the results according to the current threat landscape 
    • You will manage a regular external and Internal Scanning / Pen Testing program to provide assurance for both management and customers of the security status of the environments and make such testing an integral part of the SDLC
    • You will research, evaluate, test and implement security products as required. 

     

    The skills you will bring: 

    • 5+ years of IT experience, with three years in an information security role or managing security technologies.
    • A diploma or degree in Computer Science or IT related discipline or equivalent is desirable. 
    • Have acquired or be in the process of acquiring a security certification E.G. CISA, CISSP or GISP:GIAC, CEH, CHFI or other security related technology certifications. 
    • A cloud certification would be beneficial. 
    • A solid understanding of industry best practice standards such as International Standards Organization (ISO)2700x, the IT Infrastructure Library (ITIL) and Control Objectives for Information and Related Technology (COBIT) frameworks.
    • Familiarity with applicable legal and regulatory requirements, including, but not limited to, GDPR, Privacy Shield, PCI-DSS, the U.S. Sarbanes-Oxley Act, the U.S. Health Insurance Portability and Accountability Act (HIPAA) and PIPEDA is desirable.
    • Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, management and business personnel.
    • Strong project management skills and experience in creating and managing project plans.
    • Strong analytical skills to analyze security requirements and relate them to appropriate security controls. Ability to provide innovative solutions to issues and problems. 
    • Up to date industry knowledge and participation in industry forums to ensure knowledge of the latest threat vectors etc. 
    • Knowledge of risk frameworks / methodologies is desirable. 
    • Knowledge of Agile development methodologies. 
    • An understanding of operating system, network protocols and cloud technologies to include a good knowledge of Active Directory, IP addressing, and firewall technologies.Experience in application technology security testing.
    • Experience in security testing (vulnerability scanning and penetration testing).
    • Knowledge of Log management, IDS / IPS, file integrity software. Splunk experience an advantage. 

     Benefits: 

    • 25 days annual leave, increasing with years of service 
    • Company plan VHI Health Care & Dental cover for employee, partner and children 
    • A Pension commences after probation period - 
    • Participation in Workhuman’s employee motivational programs  
    • Discounted gift certificates  
    • Discounted TaxSaver Travel cards/free car parking (subject to availability) 
    • Income Protection  
    • Life Assurance  
    • Access to our Tuition Reimbursement Scheme  
    • Access to Wokrhuman University 
    • Additional ‘perks’ - Free breakfast cereal, fruit, tea/coffee, fantastic catered events throughout the year etc. 

    The Company

    Who We Are:

    Culture creators. Visionaries. Innovators. Game changers and changemakers. A Unicorn or two … That’s who we are at Workhuman®. We love what we do because we’re shaping the future of work – and the world – through our people and global technology. We’re building cultures of gratitude and human connections for leading global brands – and that starts with our own. Here you can be yourself, learn, and grow with some of the best people you’ll ever meet. Be inspired to do your best work, celebrate life’s most meaningful moments, and truly experience the benefits of an award-winning workplace and caring culture rooted in respect and gratitude. This is the place where you can make a positive difference to colleagues, customers, and the world every day. You might just be the next human we’re looking for – because all the things that make you human and unique are the very reasons you belong here!

    The Company:

    Workhuman® is the world’s fastest-growing integrated Social Recognition® and continuous performance management platform. Our human applications are shaping the future of work by helping organizations connect culture to shared purpose. With a consistent stream of gratitude fueling unparalleled, provocative workplace data and human insights, Workhuman® Cloud is a critical software engine for global companies seeking to motivate and empower their people to do the best work of their lives. Workhuman® (formerly known as Globoforce) was founded in 1999 and is co-headquartered in Framingham, Mass., and Dublin, Ireland.

    Did you know:

    • We are #1 Great Place to Work in Ireland for the 2019 medium-sized workplace category and have been named one of the 2019 Top Places to Work in Massachusetts by the Boston Globe
    • Workhuman® is used by 4.5 million of employees across 160 countries.
    • Our core values are; Respect, Determination, Innovation and Imagination.

    Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed