M&A Security Engineer

About The Position

Requirements

• Bachelor's degree Information Security, Computer Sciences or an equivalent combination of education and experience.
• At least 3 years' experience in an Information Security role and 3 years' experience in an IT capacity with progressively difficult responsibilities.
• At least 2 years' experience in mergers and acquisitions.
• Solid experience working with Windows, Active Directory, Linux and O365.
• Experience with Amazon Web Services and/or Microsoft Azure.
• Working knowledge of networking protocols and concepts including TCP, DNS, DHCP, Firewalls, VPN, EDR, and Web proxies.
• Understanding of email transmission, routing, and authentication concepts including SMTP, SPF, DKIM, and DMARC.
• Experience with vulnerability assessments and patch management practices.
• Knowledge of Windows Event and network device logging including syslog and SIEM.
• Solid analytical and problem-solving skills; ability to think strategically and drive decision making.
• Ability to evaluate business processes, IT technology, identify security risks, process gaps, and evaluate IT controls.
• Organizational skills to prioritize risks and actions using a risk-based approach.
• Experience working with industry security standards, guidelines, and regulatory/compliance requirements related to information security such as ISO 27001, NIST 800-53, SOC2, PCI, SOX, etc.
• Excellent communication skills (both written and verbal)
• Competent interpersonal skills, demonstrating executive presence and the ability to interact with senior business and technology leaders with credibility
• Ability to handle multiple tasks concurrently, priorities them according to the change in situation and meet deadlines.
• High flexibility, including willingness to travel up to 10% of working time.

Nice To Haves

• Related certifications (e.g., GSEC, CISSP, AWS) preferred.

Responsibilities

• Protect the integrity and confidentiality of HUB data and infrastructure while enabling business functionality in all systems and environments by supporting applicable security solutions.
• Partner with stakeholders to conduct pre-deal close security review and breach analysis of acquisition environment.
• Perform acquisition firewall rule reviews to ensure high-risk protocols are configured appropriately.
• Perform technical risk assessments and present accurate and comprehensive reports for both non-technical and technical audiences.
• Participate in the integration and Solution Design meetings to plan secure system integration solutions following HUB's Policies and Standards.
• Perform static and dynamic code analysis of in-house developed applications.
• Review applications for security posture and provide improvement recommendations.
• Implement the suite of Hub Information Security tools post-close.
• Facilitate the adoption of new tools and processes in the M&A playbook.
• Act as a liaison between acquired business units and corporate stakeholders for incident response activities for M&A related security incidents.
• Gather and report on key organizational information security metrics.
• Other duties as assigned.

Benefits

• HUB International is proud to offer comprehensive benefit and total compensation packages which could include health/dental/vision/life/disability insurance, FSA, HSA and 401(k) accounts, paid-time-off benefits such as vacation, sick, and personal days, and eligible bonuses, equity and commissions for some positions.