Information Security Engineer
Redwood City, California /
Information Technology, Security, and Business Transformation – Security /
WHO WE ARE:
We are changing the way the world makes decisions! Talend is a global leader in data integration and data integrity. Our software is used to truly transform business and companies with data. We believe our company has a certain Je ne sais quoi that makes us special and gives us opportunities with purpose. We pride ourselves in our values of Passion, Agility, Team Spirit and Integrity.
We help companies take their data from chaos to clarity by delivering complete, trusted, and timely data to the business.
With over 1,400 employees, we support more than 4,750 enterprise customers globally who have chosen Talend to put their data to work. We are consistently recognized by Forrester and Gartner as a leader in the Data Integration Market and our plan for the future is even more exciting.
The Information Security Engineer will be responsible for managing a technical
security infrastructure that provides an appropriate level of security.
The key responsibilities of the role are as follows:
- Enable Talend to develop and implement security solutions and capabilities that are clearly aligned with business, technology and threat drivers.
- Develop and maintain security architecture artifacts (models, templates, standards and procedures) that can be used to leverage security capabilities in projects and operations.
- Track developments and changes in the digital business and threat environments to ensure that these are adequately addressed in security plans and architecture artifacts.
-Participate in application and infrastructure projects to provide security planning advice.
- Draft security procedures and standards to be reviewed and approved and/or formally authorized by the CISO.
- Determine baseline security configuration standards for operating systems (e.g., operating system hardening), network segmentation, and identity and access management (IAM).
- Develop standards and practices for data encryption and tokenization within Talend based on the data classification criteria.
- Conduct threat modeling of services and applications that tie to the risk and data associated with the service or application.
- Conduct security assessments of internal systems, applications and IT infrastructure as part of the overall risk management practice of the
- Conduct vulnerability assessments and other security reviews of systems, and prioritize remediation based on the risk profile of the asset and guidance from the CISO.
- Review and assess security and infrastructure logs for indicators of compromise (IOCs) or other anomalous behavior within networks,
applications or user profiles.
- Ensure that a complete, accurate and valid inventory of all systems, infrastructure and applications is conducted, kept up-to-date and
logged by the security information and event management (SIEM) or log management tool.
- Establish a taxonomy of indicators of compromise (IOCs) and share this detail with the security operations center (SOC) and relevant colleagues.
With guidance from the CISO and in conjunction with SOC colleagues, establish procedures — including escalations — for when IOCs are
- Conduct code reviews of applications to determine security flaws or other issues that would impact the confidentiality, integrity or availability of the system.
- Coordinate with DevOps teams to advocate secure coding practices and escalate concerns related to poor coding practices to the CISO or the individual responsible for the overall security direction.
- Coordinate with the privacy officer to document data flows of sensitive information within the organization (e.g., PII or ePHI) and recommend controls to ensure this data is adequately secured (e.g., encryption, tokenization, etc.).
- Validate IT infrastructure and other reference architectures for security best practices and recommend changes to enhance security and reduce risk where applicable.
- Validate security configurations and access to security infrastructure tools, including firewalls, intrusion prevention systems (IPSs), web application firewalls (WAFs), anti-malware/endpoint protection systems, etc.
- Review network segmentation to ensure least privilege for network access.
- Conduct reviews of and oversee the change management function for security rulesets for the organization's firewalls.
- Validate that security and other critical patches to firmware and operating systems are configured and deployed in a timely fashion.
- Liaise with the vendor management team to conduct security assessments of existing and prospective vendors, especially those with which the organization shares intellectual property, PII, ePHI, regulated or other protected data, including:
- SaaS providers
- Cloud/infrastructure as a service providers (IaaS)
- Managed service providers
- Payroll providers
- Evaluate the statements of work from these providers to ensure that adequate security protections are in place. Assess the providers' SSAE 16 SOC 1 and SOC 2 audit reports (or alternative sources) for security-related deficiencies and required "user controls," and report any findings to the CISO and vendor management teams.
- Liaise with the internal audit (IA) team to review and evaluate the design and operational effectiveness of security-related controls.
- Support the testing and validation of internal security controls as directed by the CISO or IA team.
- Review security technologies, tools and services, and make recommendations to the broader security team for their use based on
security, financial and operational metrics.
- Conduct incident response exercises with colleagues throughout the organization and incorporate lessons-learned into existing security
architectures and practices.
- Conduct forensic analysis of security-related incidents in a manner consistent with guidance from the organization's counsel, human resources or law enforcement, as needed.
- Lead and/or coordinate penetration testing and other red team exercises as directed by the CISO or IA team.
- Coordinate with operational and facility-management teams to assess the security of operational technology and Internet of Things (IoT) systems.
- Liaise with other security practitioners to share best practices and insights.
- Liaise with the business continuity management team to validate security practices for both disaster recovery planning (DRP) and business continuity management (BCM) testing and operations when a failover occurs.
Security and Technical Experience
- Direct, hands-on experience managing security infrastructure such as firewalls, IPSs, WAFs, endpoint protection, SIEM and log management
- Verifiable experience reviewing application code for security vulnerabilities
- Direct, hands-on experience using vulnerability management tools
- Documented experience and a strong working knowledge of the methodologies to conduct threat-modeling exercises on new applications and services
- Full-stack knowledge of IT infrastructure:
Operating systems (Windows, Unix and Linux)
IP networks (WAN, LAN)
Storage networks (Fiber Channel, iSCSI and network-attached storage)
Backup networks and media
Direct experience designing IAM technologies and services (e.g., Active
Directory, LDAP, AWS IAM, AWS KMS)
Strong working knowledge of IT service management (e.g., ITIL-related
- Experience designing the deployment of applications and infrastructure into public cloud services (e.g., AWS or Microsoft Azure)
Education and Experience
Candidates will be evaluated primarily upon their ability to demonstrate the competencies required to be successful in the role, as described above. For reference, the typical work experience and educational background of candidates in this role are as follows:
BS or MS
in Computer Science, Information Security, or a related field
3+ years of experience in information security, especially in a security engineering role
Behaviors and Competencies
Demonstrates flexibility within a variety of changing situations, while working with individuals and groups. Changes own ideas or perceptions in response to changing circumstances. Alters standard procedures, when necessary, and multitasks when required.
Demonstrates an awareness of internal and external dynamics, and an acute perception of the dimensions of business issues.
Conducts research and identifies, collects and analyzes information about
markets, economies, technology trends and business operation issues to
make informed decisions. Develops approaches and solutions that are clearly
linked to the organizational strategies and goals for optimal performance.
Synthesizes facts, theories, trends, inferences, and key issues and/or themes in complex and variable situations. Recognizes abstract patterns and relationships among apparently unrelated entities and situations. Applies appropriate concepts and theories in the development of principles, practices, techniques, tools and solutions.
Openness to learning:
Takes personal responsibility for personal growth. Acquires strategies for gaining new knowledge, behaviors and skills. Builds on
and applies existing knowledge. Engages in learning from others, inside and outside the organization. Tries new approaches and broadens the scope of work to learn from work assignments.
Ability to work effectively with different types of scenarios and challenges. Ability to address tasks and projects for which no precedence
exists in the organization.
AND NOW, A LITTLE ABOUT US:
Talend has received some pretty impressive accolades along the way:
- CEO named a 2020 Top Diverse Leader by the National Diversity Council
- 5th consecutive year named a Leader for Data Integration Tools in the Gartner Magic Quadrant 2020
- 3rd consecutive year named as a Leader for Data Quality Solutions in Gartner Magic Quadrant 2020
- Recognized as a Challenger for Enterprise Integration Platform as a Service (iPass) in Gartner Magic Quadrant 2020
- "2018 Best Public Cloud Computing Companies To Work For" by Glassdoor
- Named Leader in The Forrester Wave™: Enterprise Data Fabric
- Ranked in the DBTA “100 Companies that Matter Most in Data”
- Listed in the CRN Big Data 100 Companies
We are passionate about helping companies become more data driven; and, if we can be honest, we are all geeks at heart who pride ourselves on the vibrant company culture that we have built.
Some Cool Perks With Working Here
- An opportunity to work with an international, highly collaborative, and entrepreneurial company with great coworkers who enjoy having fun and working hard
- Competitive salaries and quarterly bonuses for full-time employees
- Equity consideration for all full-time employees
- Comprehensive health insurance available (medical, dental and vision) for you and your family for full-time employees
- Paid time off, sick time, and company holidays, in addition to paid parental leave, bereavement leave, and jury duty leave for full-time employees
- Employer-matching 401K plan and an Employee Stock Purchase Plan (ESPP) for full-time employees
- Commuter benefits, and free employee shuttle to CalTrain for an easy commute anywhere along the 101 corridor
- Weekly catered lunches, which we proudly take the time to sit down and enjoy as a team, weekly rotating food trucks outside our office, and a fully-stocked kitchen with drinks, Philz and Stumptown coffee, healthy snacks, bagels, and candy
- Opportunity to challenge your fellow coworkers to a friendly match of ping pong, cornhole, or foosball in our Game Room
- Free onsite fitness center for employees, and outdoor running trails and full-sized basketball courts
- Working in a new, bright, open-environment and collaborative office
- Choice of MacBook or Windows laptop
As a global employer, Talend believes our success depends on diversity, inclusion and mutual respect among our team members. We want to look like our customers, and we recruit, develop and retain the most hardworking people from a diverse candidate pool. We are committed to making all employment decisions on the basis of business need, merit, capability and equality of opportunity. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, or national origin.
We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, to perform essential job functions, and to receive other benefits and privileges of employment. Please contact us to request accommodation.