Senior Security Engineer

NC America, a newly formed subsidiary of the massive $6bn gaming company NCSOFT, is looking for a Senior Security Engineer to coordinate and facilitate security response activities for all NCSOFT products and services. In this position, you will drive security-related issues to resolution across numerous service teams, interacting directly with those teams and other business units. This role owns several of the security solutions responsible for mitigating threats and overall risk to the company.

WHAT YOU'LL DO

• Review and identify email-based threats such as malware, phishing, fraud, etc.
• Identify significant actual and potential cyber security problems, trends, and weaknesses and recommend specific modifications and solutions to reduce information systems security risks.
• Establish technical or procedural enforcements for pertinent policies within the organization.
• Facilitate organization-wide communications and institute measures to ensure information security awareness and compliance.
• Review proposed new systems, networks, and software designs for potential security risks, and help resolve integration security issues across disciplines.
• Implement and interpret the requirements of CIS/NIST, ISO/IEC, PCI, SOX, and HIPAA policies mandates and standards.
• Act as a member of Incident Response Team. May be called upon to take part in the investigation of serious cyber security violations that potentially impact the integrity of NCSOFT infrastructure.
• Participate in the on-call rotation for the Security Operations Department, providing round-the-clock response for security incidents
• Investigate and respond rapidly to security incidents. Provide subject-matter expert level support to the incident response team throughout the entire process.
• Perform daily maintenance and operation functions of security equipment, including vulnerability scanners, EDR configurations, and NGAV policies.
• May install and configure network security components, in addition to performing log reviews and analyses.
• Provide troubleshooting and resolutions security-related issues and respond to network outages and emergencies on an on-call basis.
• Perform regularly scheduled security and vulnerability audits and determine corrective actions needed.
• Conduct industry research and provide recommendations for emerging trends and network security practices.
• Maintain and champion the company Security Awareness Program.

WHAT YOU'LL NEED TO BE SUCCESSFUL

• Bachelor's degree in Computer Science or a related field or an equivalent combination of education, training, and experience
• 5+ years of experience in Security and IT Operations
• Hands-on experience deploying and maintaining EDR solutions, NGAV policies, DLP solutions, Network/Application/Host based Firewalls, IDS/IPS, Web Proxies and Web Application Firewalls, Centralized log systems/SIEM, Email header analysis
• Hands on experience with configuring, securing, monitoring, and troubleshooting client and server class operating systems.
• Experience and demonstrable knowledge of security incident lifecycle, process, coordination, communication, and reporting.
• Excellent knowledge and thorough understanding of information systems security principles, concepts, and methods.
• Able to identify threats and risks and recommend/implement security controls as mitigations.
• Excellent knowledge and thorough understanding in predicting the overall impact of major changes to security systems across the architecture and ensuring proper measures are taken to reduce potential downtime.
• Solid understanding and ability to explain network protocols,routing, VLAN, switching, and the ability to utilize packet sniffers and analyze packet traces.
• Willingness to contribute outside of immediate experience.
• Strong troubleshooting skills and a drive to take ownership of problems and solve them.
• Strong customer focus.
• Able to juggle many tasks and projects in a fast-moving environment.
• Able to work independently with minimal direction.
• Excellent interpersonal time management skills.
• Excellent written and verbal communication skills, including the ability to communicate technical information to non-technical personnel.
• Fluent in Korean preferred