Blue Acorn iCi is the only digital consumer experience company combining analytics, e-commerce, content management, and full-service commerce operations. No other company brings together engineers, data scientists, retail experts, designers and strategists to create seamless, memorable and scalable customer experiences. Through our integrated capabilities and unparalleled expertise, Blue Acorn iCi makes content and commerce more effective for legacy brands and digital natives alike, including Le Creuset, Casper, Food Lion, Charter, Ticketmaster, and Panera. Join our incredible team as we successfully deliver extraordinary digital experiences. We are truly a one-of-a-kind company!
The IT Security Specialist uses the concepts, terms, processes, policy and implementation of information security to provide best-in-class services for our internal and external clients. This role must have experience and knowledge of the latest security measures at all stages of an information system life-cycle, the ability to solve complex problems, and the ability to understand and differentiate between critical and non-critical systems and networks.
Responsibilities and duties
- Performs vulnerability scanning and penetration testing on internal and external systems
- Acts as SME for PCI & DSS standards leading audit, compliance, and regulatory functions
- Creates and maintains security policies, procedures, and standards documentation
- Supports ongoing security efforts by coordinating the remediation of security vulnerabilities with delivery teams and/or third-party hosting providers
- Ensures software and firmware patching is scheduled and performed on a regular basis
- Monitors logs on a regular basis and creates security reports as needed
- Facilitates training for delivery teams on OWASP and other security best-practices as needed
- Develops techniques to automate the detection of, and alerting on, suspicious and malicious activities
- Assists delivery teams with SDLC process improvements, incorporating security best-practices
- Completes security and compliance assessments and questionnaires as required by our clients
- Completes yearly PCI SAQ and works with all technology resources and partners to verify and maintain compliance
- Maintains security vendor relationships as needed
Qualifications and skills
- 5 or more years of experience in an Information Security or Information Technology discipline
- CISSP and CEH certifications or equivalent required. CISA and CISM certifications or equivalent desirable.
- Experience with PCI & DSS compliance and assessments
- Working knowledge of penetration testing tools
- Experience conducting risk assessments, vulnerability assessments, vendor and third-party risk assessments, and recommending risk remediation strategies
- Experience in managing the communication of security findings and recommendations to delivery teams and management
- Basic knowledge of networking concepts and diagrams including firewalls, switches, and routers
Employees enjoy a competitive benefits package that includes medical, dental and vision insurance, life insurance, disability, paid time off, 401(k), and more! Additional perks vary by location.