9415.00 $ InfoSec Engineer Application Security

At PMI, we’ve chosen to do something incredible.

We’re totally redefining our business and building our future on smoke-free products with the power to deliver a smoke-free future.

With huge change, comes huge opportunity. So, wherever you join us, you’ll enjoy the freedom to dream up and deliver better, brighter solutions and you will have the space to move your career forward in many different areas/directions.

IT at PMI
PMI’s journey to a smoke-free future implies a shift from a tobacco manufacturer to a science and technology-based consumer facing organisation.

Such a shift creates an abundance of unique and transformative IT projects to match all levels of skills and ambitions. You’ll feel like you’re working in a start-up – with the freedom to shape and define the future of digital, but with the support and scope of a vast global business. You’ll get a chance to work with innovative technologies (e.g., Cloud, APIs, AI) as well as management practices (e.g., Agile, Design Thinking, Product Management). Our environment is fast-paced and highly collaborative. If you want the freedom to find new ways to connect with consumers, there’s no better place to progress your career.

Digital at PMI is dynamic, diverse, and innovative. Join us and become a part of a top talent team where you can bring new ideas to life in a global function that is a key driver of the success of our business.

Join us in this role and you’ll be part of our InfoSec Application Security team.

Your “day to day”
• Identify cybersecurity gaps in PMI applications and systems using a wide variety of methods, e.g. threat modeling, architecture reviews, access model reviews, configuration reviews, static and dynamic application security testing
• Evaluate the security posture of the third party solutions using TPCRM methodologies with cybersecurity focus
• Analyze the scope, methodology and results of cybersecurity activities (e.g. ethical hacking) performed by third parties around the presence of vulnerabilities in systems used or to be used by PMI
• Follow up with third parties on any inconsistency and ambiguity in the reports to have a reasonable level of assurance over security testing work provided by vendors
• Describe and demonstrate identified issues in various forms (e.g. reports, technical debt definitions) and ensure that relevant partners understand the risk that those vulnerabilities pose to the Company
• Advise IT teams on how to replicate identified cybersecurity issues and remediate them in the most effective and cost-efficient way
• Partner with other Information Security leaders to ensure that PMI follows standard methodologies in the application security testing domain by continuously optimizing tools, techniques and methodologies
• Keep up to date with the constantly evolving cyber threat landscape and the latest developments in IT risk management and contribute to PMI’s security standards

Who we’re looking for
• Shown experience, preferably in a large organization or consulting companies, in at least one of the areas:
1. IT assurance: IT security, IT risk management, IT audit, IT controls,
2. Offensive security: ethical hacking, penetration testing, vulnerability assessment, red teaming
3. Secure software development: S-SDLC, DevSecOps
• Professional certifications in at least two of the following domains:
1. IT systems security and auditing (e.g. CISA, CISSP, CRISC, CISM)
2. Cloud technologies (e.g. AWS, Azure, Salesforce)
3. Ethical hacking (e.g. OSCP, GIAC Penetration Tester, CEH)
• Consistent record in performing IT security assessments or IT audits for large scale solutions
• Good knowledge of typical application design patterns and their attack vectors (e.g. web, mobile, thick client, etc.)
• Strong understanding of modern application architectures including microservices, containers, APIs, serverless technologies and cloud environments
• Knowledge of basic identity and access management concepts (e.g. single-sign on, identity federation) and standards (e.g. SAML, OAuth 2.0, OpenID)
• Sound knowledge of impact and remediation techniques for vulnerabilities from and outside of OWASP Top 10
• Considerable technical writing proficiency and oral presentation skills

What we offer?
There are many IT Organizations out there, so why should you join ours?
• Annual Base Salary Range: range $113,000 - $146,000
• We believe PMI IT’s true strength is fuelled by our people, and that our success depends on them coming to work every single day with a sense of purpose and an appetite for progress. We are a people first organisation committed to providing you with first-class employee journey. Here’s a glimpse of what’s in it for you upon joining us:
• Work-life balance: Wellbeing comes first. We offer a fantastic office environment and hybrid working options to ensure you have the best work-life balance possible
• Learning & Development: Your growth is a priority. Our robust and varied learning & development ecosystem will help you strengthen your technical skills and enhance your soft skills and intuition for business. The capabilities you will acquire with us will support your life-time employability within IT, PMI, and beyond
• Inclusion & Diversity: Our differences - much more than our similarities - generate the innovation we are looking for. We aspire to build a diverse and inclusive organization to access the breadth and depth of thinking and sensitivity vital to thrive
• We offer a competitive base salary, annual bonus (applicable based on level of position), great medical, dental and vision coverage, 401k with a generous company match, incredible wellness benefits, commuter benefits, pet insurance, generous PTO, and much more

Every single IT colleague is part of our Transformation journey. Join us and pursue your ambitions – our staggering size and scale provides endless opportunities to progress. If this offer resonates with you, we look forward to receiving your application and getting to know you.

Together, let’s deliver a smoke free future!

PMI is an Equal Opportunity Employer
PMI Global Services Inc. and PM Global Brands Inc. are a subsidiary of Philip Morris International Inc. Philip Morris International (PMI) is leading a transformation in the tobacco industry to create a smoke-free future and ultimately replace cigarettes with smoke-free products to the benefit of adults who would otherwise continue to smoke, society, the company, its shareholders and its other partners. PMI is a leading international tobacco company engaged in the manufacture and sale of cigarettes, as well as smoke-free products, associated electronic devices and accessories, and other nicotine-containing products in markets outside the U.S. In addition, PMI ships versions of its IQOS Platform 1 device and consumables to Altria Group, Inc. for sale under license in the U.S., where these products have received marketing authorizations from the U.S. Food and Drug Administration (FDA) under the premarket tobacco product application (PMTA) pathway; the FDA has also authorized the marketing of a version of IQOS and its consumables as a Modified Risk Tobacco Product (MRTP), finding that an exposure modification order for these products is appropriate to promote the public health. PMI is building a future on a new category of smoke-free products that, while not risk-free, are a much better choice than continuing to smoke. Through multidisciplinary capabilities in product development, state-of-the-art facilities and scientific substantiation, PMI aims to ensure that its smoke-free products meet adult consumer preferences and rigorous regulatory requirements. PMI's smoke-free product portfolio includes heat-not-burn and nicotine-containing vapor products. As of September 30, 2022, PMI's smoke-free products are available for sale in 70 markets in key cities or nationwide, and PMI estimates that approximately 13.5 million adults around the world, excluding Russia and Ukraine have already switched to IQOS and stopped smoking. For more information, please visit www.pmi.com and www.pmiscience.com.
#LI-Hybrid

Связаться с автором