PVH Corp. Lead Global Network Security Engineer in Bridgewater, New Jersey
If you are a current PVH Associate, please click this link to apply through your Workday account. at https://www.myworkday.com/pvh
Design Your Future at PVH
Lead Global Network Security Engineer
POSITION SUMMARY: Responsible for ensuring the Egress is consistent and remains modern across the PVH organization while defining best practices. Focus on the long-term strategic management of the technologies that comprise the B2B and Internet Gateways. Improve performance levels and user experience across all PVH sites via KPIs review with Operations. Develop Service catalogs and assist in the development of budgets / forecasts for all components that make up the B2B & Internet Gateways. Establish engineering designs and patching schedules which aligns with an always-on methodology.
PRIMARY RESPONSIBILITIES/ACCOUNTABILITIES OF THE JOB:
Manage projects with responsibility for establishing specific project schedules, documentation including detailed plans, data flows, deployment plans, operational run books; meeting project budget and directing the work of project team members in a highly matrixed environment.
This role is action and solution oriented with an emphasis on engineering security solutions that enable PVH to meet business goals as well as regulatory requirements such as PCI
Validate and prove complex security designs to produce detailed engineering specifications for existing and proposed technologies; in certain cases, provide detailed designs to effectively mitigate legacy technology vulnerabilities
Assess, design, implement, and integrate enterprise security solutions including, but not limited to, next-generation firewalls, web application firewalls (WAF), intrusion prevention/detection systems (IDS/IPS), content filtering, secure log management, security information, event management (SIEM) systems, anti-malware solutions, and endpoint security solutions
Identify technology risks and independently evaluate the efficiency and effectiveness of complex information technology and security controls across IT infrastructure, cloud services, networks, and security systems to help manage risks that could impact the company
Maintain knowledge of complex industry trends, current security issues, and security technologies
Develops Security engineering design strategies for PVH in the form of standards, frameworks, Service catalogs and guidelines, with the emphasis on Infrastructure security
Advises and contributes to strategies and initiatives to strengthen PVH’s Security
Acts as Subject Matter Expert and provide third-level support and analysis during investigations
Strong experience with Checkpoint, Pal Alto platforms, Cisco ASA series, Cisco Switches and Routers Configurations
Experience with Check Point GAIA, Check Point Provider-1, and Juniper SSL appliances
Research and coordinate migrations of existing security boundaries to new platforms and infrastructure
Have a complete understanding on system’s infrastructure including firewalls, switches/routers, load balancers, DMZ networks, proxies, IPS, and DNS infrastructure
Provide L3 support including configuration changes, infrastructure enhancements and upgrades
Establish metrics for all egress devices including but not limited to Checkpoint, WebSense, SourceFire, ASA
Provide advanced support for enterprise firewall management
Devises network management policies and procedures to ensure the maximum availability of the corporate network.
Evaluates new hardware and software technology and assesses applicability to the communications requirements of the corporation.
As the single point of contact on network security and the liaison between the business and Network Security, the role is to enable business strategies, while balancing the security risk; To articulate the security perspective to business partners, helping them understand the potential impact and possible controls in business terms. To bring business knowledge to the Network Security organization to help ensure security is aligned with the business strategy and accelerates solutions with better communication and alignment.
Investigate security incidents for the BU, work with ISG and recommend appropriate corrective actions.
Provide consulting services to increase knowledge of Network Security standards, concerns, interpretation and clarification of policies as well as advise on BU plans to achieve compliance.
Primary point of contact for Network security audits, participates in scoping, deliverable requests, collaborate with IT senior leadership to clear audit reports and help ensure effectiveness/completeness of action plans.
Establish communication channels with an aim of strengthening relationships to efficiently tackle security issues that span multiple businesses and application teams.
Ensure timely engagement on business and IT initiatives, providing guidance on the security risk aspect of projects.
Provide supporting documentation for compliance as it relates to audits, proposals and presentations.
Ensure IT owners are held accountable for the state of their controls and understand their responsibilities as to risk mitigation and remediation as well as compliance to security policy & standards, reducing the likelihood of audit, regulatory & legal liabilities.
Proactively engage infrastructure owners to ensure corrective plans are developed to remediate defined risks and non-compliant activities and keeps abreast of action plans.
Educate management of the risk implications associated with a particular infrastructure design decisions, and communicate the likelihood and impact of those decisions so management can fully quantify those risks and determine tolerance levels.
Understand and report on the overall infrastructure security risk posture of the environment, providing a holistic view of vulnerabilities and associated risks to the business and Infrastructure.
Focus on process improvements, removing deficiencies to manage risk, prevent/anticipate problems and identify opportunities for efficiencies and to move from manual to automated processes.
Review Approval for Expenditures to ensure compliance with security requirements
Understand, test and implement security plans, products and control techniques.
Attend and participate in internal/external forums and risk committees where appropriate. ______________________ BUDGETARY RESPONSIBILITIES: Responsible for administering budgets (PCA’s) RESOURCEFULNESS/CREATIVITY: Managing project teams of from 3-12 people (from different departments) ENVIRONMENT: Supervisory experience in leading major projects in both an international and domestic environment.This is a global role with significant travel that will be required both domestically as well as internationally (up to 4 international trips per year to Brazil, HK, China, Japan and Amsterdam) in additional to domestic trips to LA ______________________ QUALIFICATIONS & EXPERIENCE: Experience:
Minimum 10 years in Information Technology with at least 7 in Infrastructure Security.
At least 3 years of experience with commercial and open source security applications and technologies (e.g. malware prevention, DLP, IDS/IDP, cryptography, vulnerability scanning and penetration testing), as well as related protocols and tools (e.g. SSH, SSL/TLS, snort, port scanners, rootkit detectors, etc.)
At least 3 years of experience performing network and application security penetration testing and/or threat assessments
Broad-based knowledge of information security processes and technologies such as: business process design, risk assessment, minimum baseline security controls (*nix, Windows, network protocols, common services), data classification and management, security monitoring and log analysis, incident management, network protocols, application and database architectures, SDLC, system planning and integration, and security metrics.
Working knowledge of technologies such as operating systems, directory services, and network protocols. Education:
Bachelor's degree in computer science, information systems, engineering, or a related field
Certifications preferred: ITIL, CISSP, CCNA, CCENT, CCNP, GSEC, MCSA, CISM Skills:
Experienced in IS programs including, but not limited to, Audit Reviews, Risk Assessment, Awareness & Training, Identity Access & Management, Data Protection, Secure SDLC, Incident Management, Vulnerability Assessment, Penetration Testing, Third Party IS Assessment, Secure Configurations, Patch Management
In depth knowledge of infrastructure and logical security technology with experience working with ITIL, ISO 27001 and/or CoBIT processes and procedures
Ability to translate business driver and priorities into security design
Ability to influence others and shape/obtain desired outcome in areas outside of direct control
Outstanding verbal, written and presentation skills to effectively communicate infrastructure security projects in business terms to various levels within the organization
Ability to see the big picture with high attention to critical details
Strong, proven problem-solving and analytical skills to resolve problems and conflicts and drive solutions through to completion
Strong facilitation skills and a clear ability to build strong relationships with business stakeholders at all levels, including executive managers and vendors
Results oriented, well organized with follow-up skills to meet deadlines; has a track record of effectively managing multiple tasks in a dynamic environment.
Knowledge of government and other regulations related to the Security field (e.g., PCI, HIPAA)
It is the policy of PVH Corp. to ensure equal employment opportunities to all qualified persons without regard to race, gender, religion, age, national origin, citizenship status, disability, qualified veteran status, marital status, or sexual orientation.
http://www.pvh.com at http://www.pvh.com/
Continue exploring our current job opportunities and take the next step towards designing your future. at https://pvh.wd1.myworkdayjobs.com/PVH_Careers/jobs
With a history going back over 135 years, PVH has excelled at growing brands and businesses with rich American heritages, becoming one of the largest global apparel companies.
We are over 35,000 associates operating in over 40 countries and $8.2 billion in 2016 annual revenues. We own and market the iconic CALVIN KLEIN, Tommy Hilfiger, Van Heusen, IZOD, Arrow, Speedo*, Warner's, and Olga brands and, in addition, market a variety of goods under our own and licensed brands.
*The Speedo brand is licensed for North America and the Caribbean in perpetuity from Speedo International, Ltd.