Title: IT Security Engineer – Web Security
Job #140000oo, Kimberly-Clark Corp.
Location: Roswell GA (Atlanta area) or Dallas TX
Function: IT Security
Reports to: Sr. Manager
Kimberly-Clark and its well-known global brands are an indispensable part of life for people in more than 150 countries. Every day, 1.3 billion people – nearly a quarter of the world’s population – trust K-C brands and the solutions they provide to enhance their health, hygiene, and well-being. With brands such as Kleenex, Scott, Huggies, Pull-Ups, Kotex, and Depend, Kimberly-Clark holds No.1 or No. 2 share positions in more than 80 countries. With a 135-year history of innovation, we believe in recruiting the best people and putting them in the right jobs so that they can do their best work. If fresh thinking and a passion to win inspire you, come Unleash Your Power at Kimberly-Clark.
The IT Security Engineer – Web Security is responsible for the identification, tracking, mitigating, remediation, and verification of web security vulnerabilities in software, systems, and application services.
The candidate will combine experience in information security, web development, IT operations, and project management to ensure security risks are effectively identified and appropriately addressed while maintaining a balance between security and usability. This role will define, deliver and sustain the enterprise web security strategy, standards and solutions from a governance, process, discipline and technology standpoint, to support Kimberly-Clark’s global and enterprise environments.
This position requires a broad range of technical and interpersonal skills and is responsible for the following functions:
• Provides technical consultation and direction on web application design, architecture and system performance, and evolving technologies.
- Accountability and ownership for web security scanning solutions, processes, services and operations.
- Develop and maintain tools and processes for web application scans, reviews and assessments along with ethical hacking.
- Develop security guidance documentation.
- Develop and maintain secure web coding practices and enterprise wide standards. Educate and collaborate with customers on practices and standards.
- Performs requirements gathering, initial engineering design, platform/environment integration and evolution planning to support highly reliable, available, scalable, and cost-effective computing.
- Interfaces with Architecture team regarding the ratification and implementation of new Architecture standards.
- Interface with product vendors for escalated support and advanced product knowledge.
- Ensures IT security architecture/designs, plans, controls, processes, standards, policies and procedures are aligned with IT standards and overall IT security
- Partner with delivery support teams and customers to maintain web security SLA/KPIs and provide technical leadership.
- Manage and provide tier II support for web security related incidents.
- Maintain an understanding of attacks, vectors and emergent threats (OWASP)
- Mentor and educate teams with expert knowledge of information security event management, security forensics, network access controls and perimeter security, operations, implementations of new technologies
Interested? You can contact Dorothy.Beach@KCC.com to receive more information on job # 140000oo . Sending your resume can allow a more intelligent discussion between your career goals and what Kimberly-Clark needs.
- Bachelor’s Degree
- 8+ Years of IT experience
- 3+ years’ experience with Infrastructure engineering security
- Experience with multiple programming languages (such as ASP.NET, Java, Powershell, Ruby, Perl, etc…)
- 3+ years of web application security experience required (AppScan and Web Application Firewall)
- Service oriented mentality with focus on customer service
Additional Skills Required:
- Excellent written and verbal communication capability with a customer focus
- Success in collaborating with customers, partners, and co-workers across cultural boundaries (including flexibility in work schedule as needed)
- Able to identify, address or escalate potential dependencies and issues
- Manage the effort within deferred and expense budget constraints (if project lead)
- Effectively manage ambiguity, change and conflict
- Effectively prioritize in high pressure situations
- Strong project leadership and support skills
- Demonstrated track record of success in delivering in a security environment
- Proven experience in navigating complex organizations with creative problem solving
- At ease in establishing senior-level working relationships and communications
- Ability to deliver a clear yet compelling and realistic business case
- Ability to translate complex technical topics into easy to understand concepts
- Minimum of 5 years’ experience in security or network architecture/engineering role including designing and deploying security solutions
- Strong analytical skills and cross functional knowledge across multiple security disciplines
- Strong working experience with databases and data warehouse technologies and solutions
- Working experience with systems automation in a major scripting language (Perl, Python, etc.)
- Ability to communicate security-related concepts to a broad range of technical and non-technical staff
- Must possess a high degree of integrity, be trustworthy, and have the ability to work with autonomy
- Any of the following are a plus: CISSP, CISM
- Master’s Degree a plus
The statements above are intended to describe the general nature and level of work performed by employees assigned to this classification. Statements are not intended to be construed as an exhaustive list of all duties, responsibilities and skills required for this position
Kimberly-Clark is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.