NAVIS is excited to be hiring an experience Security Engineer in our Bend, Oregon offices!
The Security Engineer will be responsible for helping to define the overall information security plan for the Company, identifying and mitigating security risks for all of NAVIS. You will be instrumental in the architecture and development of IT security controls as well as ensuring these secure practices are followed. This role will be critical in maintaining the controls that enable NAVIS to operate securely within data security compliance standards as we migrate our operations to the cloud. You will work closely with the development and operations teams using positive partnerships to foster a security-first culture. You must be well-versed in security operations, cyber security tools, and PCI compliant testing methodologies.
This is both a strategic and a tactical position. Over time, we expect the security organization within NAVIS to mature and grow and this role will be instrumental in evolving and optimizing our overall data security strategy.
DUTIES & RESPONSIBILITIES:
- Optimize and monitor various systems to identify potential or actual incidents, intrusions, and malware events with the goal of maintaining confidentiality and integrity of data and systems
- Lead incident response activities for any suspected or actual data breach and prepare reports for management
- Balance risk with the needs of the business and be able to communicate the pros and cons of each with stakeholders
- Participate in architectural discussions with the software development teams to ensure architecture meets the security guidelines for the Company
- Run the PCI Program - ongoing PCI compliance with annual PCI recertification goal
- Maintaining GDPR compliance along with general PII data security compliance
- Manage on-going assessments of security and vulnerability scanning
- Lead effort for code security compliance and testing as part of automation
- Assess compliance against standards for various platforms and technologies
- Recognize and identify potential areas where existing data security policies and procedures require change and recommend courses of action to mitigate such risks
- Uncover and discuss compliance and audit issues with various stakeholders and develop action plans to address them
- Foster the creation of a culture that promotes Information Security as an integral part of IT architecture and business processes
- Optimization and maintenance of all threat management systems
- Provide support for the preparation and execution of all internal and external security related audits
- Deliver innovative, customized solutions for problems where there are no available precedents
- Provide on-going training program to Engineering and the organization around security best practices and common vulnerability trends
- Other duties as assigned
- Bachelor's degree in Information Security or a related information security field; or equivalent combination of education and experience preferred
- At least 5 years' experience performing risk analysis and remediation of information systems and networks
- At least 5 years' experience working with networking protocols and principles
- At least 5 years' experience with PCI and PII regulations
- At least 5 years' experience with compliance frameworks (ITIL, NIST, ISO)
- Specific technology experience that is useful for this role include Windows Server, Linux, Cisco and Palo Alto Firewall, and AWS
This position is based at our Bend, Oregon offices in the historic Old Mill District.
- An inclusive, fun, values-driven company culture – we've won awards for it
- A growing tech company in Bend, Oregon
- Work / Life balance - what a concept!
- Excellent benefits package with a Medical Expense Reimbursement Program that helps keep our medical deductibles LOW for our Team Members
- 401(k) with generous matching component
- Generous time off plus a VTO day to use working at your favorite charity
- Competitive pay + annual bonus program
- FREE TURKEYS (or pies) for every Team Member for Thanksgiving (hey, it's a tradition around here)
- Your work makes a difference here, and we make a huge impact to our clients' profits
- Transparency – regular All-Team meetings, so you can stay in-the-know with what's going on in all areas our business
- We support local businesses and they support us - get perks just by flashing your NAVIS badge
- Forget your standard potluck - we take our company events to the next level! Annual "Pow Day" at Mt. Bachelor, fiscal year celebrations, summer shindigs, and holiday parties, and more
- Cold-brew coffee on tap
- We go ALL-OUT for Halloween (it's a thing for us)
NAVIS is the only Unified CRM solution for hotels and vacation rental management companies that brings their data and their reservations sales, marketing, and revenue teams together to drive more direct bookings and revenue. Because we believe technology should make you money, not cost you money, we developed our game-changing Revenue Performance Platform™ to transform teams into revenue makers, enabling them to drive, capture and convert more direct bookings. We deliver actionable guest insights so departments can seamlessly sell and market together. The result is always a dramatic increase in direct sales and profit. We guarantee it.
Founded in 1987, NAVIS is a privately held company with headquarters in Bend, Oregon, and growing offices in Orlando, Florida and Reno, Nevada.
We have been named on multiple "Top Workplaces" lists for NINE years running!
NAVIS is honored and humbled to have been recognized as a "Top Workplace" by "The Oregonian" for several years (and again in 2019).
At NAVIS, our Core Values are:
- Golden Rule: I treat others as I want to be treated
- Integrity: I am a person of my word and highly trusted
- Innovation: I create solutions for difficult business problems
- Performance: I am part of an ambitious team and my results matter
- Attitude: I am a positive influence, I love my team and the work we do
NAVIS is an Equal Opportunity Employer (EOE).