Job Description

Company Description

Company Description

McFadyen Digital is the leading advisor and implementer of ecommerce marketplace solutions. During 15 years of implementing marketplaces, we\xe2\x80\x99ve built dozens of platforms that cumulatively generate billions of dollars of GMV. We\xe2\x80\x99re honored to have served 10% of the Fortune 500. Over 250 global brands like ABB, AB InBev, ACCO, Albertsons, American Red Cross, American Eagle Outfitters, US Army, US Agriculture Dept, (and many more letters in the alphabet) have entrusted their digital transformations to McFadyen. We operate global offices across the US, Brazil, and India. McFadyen Digital has been a trusted employer for over 35 years and believe that people are the most important part of our company. We\xe2\x80\x99re proud of our Great Place to Work certification.

Learn more about us at our website:



Opportunity

Should have 6 \xe2\x80\x93 8 years of experience in proactive threat management, risk assessment, network security, and incident response. Should have experience in managing AD, Exchange, Azure AD, firewalls, and endpoints, ensuring compliance and security policies. Should develop incident response plans, analyse security incidents, and oversee user support. Should have experience in optimizing system security, provide end-user assistance, and contribute to security policy development in collaboration with cross-functional teams and should possess CISSP certification.

Responsibilities

Top five Responsibilities:

• Cyber Security Management
• Risk Management and Compliance
• Vendor and Third-Party Risk Management.
• Security Audits and Assessments.
• Security Incident Analysis.

Additional Responsibilities:

1. Cyber Security Management:

a. Lead the identification, analysis, and mitigation of cyber threats, including malware, phishing, ransomware, and other malicious activities.

b. Utilize advanced tools and techniques to proactively monitor and respond to emerging threats.

c. Develop and maintain an effective incident response plan.

2. Risk Management and Compliance:

a. Conduct regular risk assessments to identify potential vulnerabilities and recommend risk mitigation strategies.

b. Ensure compliance with relevant industry regulations and standards.

3. Vendor and Third-Party Risk Management:

a. Assess and manage security risks associated with third-party vendors and partners.

b. Evaluate security controls of external vendors to ensure they meet our standards.

4. Security Audits and Assessments:

a. Coordinate and lead security audits and assessments by internal and external parties.

b. Develop and implement remediation plans for identified vulnerabilities.

5. Security Incident Analysis:

a. Perform in-depth analysis of security incidents to understand root causes and prevent future occurrences.

b. Implement proactive measures to enhance security posture based on incident findings.

6. Network Security:

a. Implement and manage security policies, access controls, and firewall rules to safeguard the network environment.

b. Monitor network traffic for suspicious activities and respond to security incidents.

7. Endpoint Security and Data Loss Prevention (DLP):

a. Implement and manage endpoint security solutions to protect systems from malware, unauthorized access, and data breaches.

b. Oversee Data Loss Prevention measures to safeguard sensitive information and ensure compliance.

8. Security Policy Development:

a. Develop and update security policies, standards, and guidelines in line with industry trends and evolving threats.

b. Ensure policies are effectively communicated and enforced across the organization.

9. Security Awareness and Training:

a. Design and deliver security awareness programs to educate employees on best security practices.

b. Provide ongoing training to IT and business units to ensure a security-conscious workforce.

10. Active Directory (AD) Support:

a. Assist in managing and maintaining user accounts and permissions within the Active Directory environment.

b. Create and manage security groups, organizational units and group polices. to ensure proper access control.

11. Exchange and Azure Active Directory (AD) Support:

a. Manage exchange online email systems and assist in managing user mailboxes and distribution lists.

b. Provide support on Azure AD and its integration with the overall system environment.

12. Network Management:

a. Manage and maintain network infrastructure, including routing, switching, and firewalls (Meraki, Palo Alto).

b. Create and manage the VPN tunnels including site to site, point to site and client VPN.

c. Ensure network availability, reliability, and security through efficient configuration and monitoring.

13. Azure Cloud Management:

a. Gain exposure to Microsoft Azure Cloud services and learn about their role in our software infrastructure.

b. Participate in basic tasks related to cloud resources under the supervision of experienced team members.

14. Microsoft 365 Support:

a. Assist in managing Microsoft 365 accounts and licenses for employees.

b. Manage collaboration tools, such as SharePoint, Teams, and OneDrive, and other M365 applications.

15. Learning and Development:

a. Participate in training sessions and workshops to develop a deeper understanding of cyber security principles and practices.

b. Take part in hands-on learning experiences to apply theoretical knowledge to real-world scenarios.

16. End User Support:

a. Provide advanced technical support to end users, resolving complex issues and ensuring exceptional user experience.

17. Documentation and Reporting:

a. Learn to document system configurations, security procedures, and troubleshooting steps for future reference.

b. Assist in generating basic reports on system health and security status

Qualifications

Education

• 6-8 years of progressive experience in information security and system admin roles. At least 4 years of experience in the cyber security is a must.
• CISSP (Certified Information Systems Security Professional) certification is required.
• Strong understanding of security frameworks, standards, and best practices.
• Proven expertise in risk management, security architecture, and compliance.
• Proficient in security tools and technologies for threat detection and prevention.
• General system Administration including, Network, AD, Cloud, End user support
• Excellent analytical, problem-solving, and communication skills.
• Bachelor\xe2\x80\x99s degree in computer science, Information Security, or related field (preferred).

Additional Information

Building a great company culture is a top priority for McFadyen Digital. We try to provide the best environment possible for team members - one that treats people the way they want to be treated. Culture Index is one of our tools for enhancing our enjoyable and productive people-focused environment. In order to be considered for this position, please follow this link to fill out a short Culture Index survey . Please use as many descriptors as possible that pertain to you. There are no right or wrong answers.

Your Core Values: Integrity, Motivation, Proactive, Team-Player

To Apply: We value smart, creative individuals who are multi-dimensional thinkers and thrive on professional development. Superb competence and continual improvement are key goals for everyone at McFadyen Solutions. This is an exciting opportunity with tremendous growth potential for someone who is focused on excellence. Your portfolio should impress us with great skills and conceptual problem-solving. We seek people who can demonstrate both compelling form and technical accuracy. Tell us why you would be a great addition to our team.

McFadyen Digital is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, age, religion, sex, sexual orientation, gender identity / expression, national origin, disability, protected veteran status, or any other characteristic protected under federal, state or local law, where applicable.

McFadyen Digital