At Khoros, our passion is to help the world’s best brands create customers for life. We build products we’re proud of, and we’re passionate about customer success. As part of the Vista Equity family, you’ll receive best in class development opportunities and the ability to work with customers like Samsung, HP, Sony and Visa.
The Khoros engagement platform comprises Online Community, Social Media Management and Messaging products for social customer service, social support and social media marketing teams to listen, respond and act on customer conversations – creating deep relationships and fostering brand loyalty and advocacy.
The best Fortune 1000 companies in the world trust Khoros to help them build closer, more personalized and trusted relationships with their customers. Some of our clients: HP, Samsung, and LiveNation (to name a few). We are a Vista Equity Partners portfolio company, growing fast and adding new products to our platform organically and inorganically.
This role can be located either in Austin, TX or Kansas City, MO (Remote currently due to COVID).
- Assists in the development and maintenance of an Information Security Strategy Roadmap for all Security Technology domains and provide input on the strategic direction of the architecture team.
- Designs and implements security controls.
- Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; preparing cost estimates.
- Collects evidence to support the certification audit processes.
- Coordinate response to customer security questions and assessments.
- Implements security systems by specifying intrusion detection methodologies and equipment; directing equipment and software installation and calibration; preparing preventive and reactive measures; creating, transmitting, and maintaining keys; providing technical support; completing documentation.
- Verifies security systems by developing and implementing test scripts. Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
- Upgrades security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.
- Prepares system security reports by collecting, analyzing, and summarizing data and trends.
- Maintains job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications;
- Reviews and Tests security configurations to ensure appropriate levels of risk exposure.
- Works closely with Engineering as a DevOps team member to ensure information systems meet or exceed security and certification requirements; including ensuring that security architecture is well documented and communicated.
- Analyzes anomalous activities and system behaviors to identify possible unauthorized access to networks, databases, and/or computer systems.
- Provides support for information security policy, regulatory, contractual, and statutory requirements.
- Stays current with advancements in technology and techniques to ensure that security solutions are continuously improved, supported, and aligned with industry and company standards.
- Leads the development and maintenance of information security policies and procedures.
- Updates existing department documentation and create documentation for new processes.
- Perform all other duties as assigned
- Associate’s or Bachelor's degree in Computer Science, Computer Engineering, Software Engineering, Computer Information Systems, Information Systems, Information Technology or related field, or equivalent experience
- 5+ years IT security engineering or related experience in a complex IT environment
- 2+ years security architecture/strategy experience
- 2+ years web/application security experience
- Familiarity and experinece with OWASP Top 10 and SANS Top 25 principles
- Must be willing to continually advance IT Security knowledge and abilities through engagement of both formal and informal educational opportunities.
- It's a plus if you have: Qualified Security Assessor (QSA) certification, AWS Security Certification, CISSP, CISM, CEH, GPEN or related certifications