Senior Information Security Engineer

A Moving Experience As a Principal Information Security Engineer you will play a critical role in safeguarding our systems and software platforms across the development lifecycle You will leverage your security engineering expertise and hands-on experience with tools like CrowdStrike Zscaler and Microsoft Security technologies to detect respond to and prevent threats Your understanding of information security technologies governance and risk management will ensure we meet security and compliance expectations in a highly regulated global automotive environment Key Responsibilities Design and maintain robust security technologies controls and policies across our global enterprise Support the implementation and management of endpoint detection and response EDR end point protection EPP zero trust network access ZTNA vulnerability management identity and threat protection using platforms such as CrowdStrike Falcon Zscaler Tenable and Microsoft Security PIM conditional access and Windows Hello Own the information security controls that contribute to the company s governance risk and compliance GRC efforts particularly ISO 27001 TISAX CIS and customer security assessments Monitor analyze and respond to security events collaborating with vendors global engineering DevOps and IT teams to resolve threats efficiently Run corporate phishing campaign security training and security awareness programs Document security processes and contribute to internal policies that support information and application security programs Support vulnerability scanning secure coding and threat modeling activities in partnership with IT product and software teams Participate in vendor security assessments and global OEM customer security reviews Required Qualifications Minimum of 3 years of experience in information security with a focus on corporate enterprise security in a global software-driven business Proven experience with CrowdStrike Falcon Zscaler Microsoft Security tools Tenable or similar Solid understanding of governance and risk frameworks particularly those relevant to enterprise information security management systems Familiarity with secure software development practices and security in cloud environments Azure preferred Demonstrable ability as self-driven and to work independently Strong analytical problem-solving and communication skills Preferred Qualifications Bachelor s degree or higher Industry certifications such as CISSP CISM Microsoft SC Series Experience with Atlassian Jira and Confluence Experience with ISO 27001 TISAX NIST or CIS Understanding of automotive cybersecurity standards e g ISO 21434 UNECE WP 29 Knowledge of CI CD pipelines and security integration in software development workflows Cerence Inc Nasdaq CRNC and is the global industry leader in creating unique moving experiences for the automotive world Spun out from Nuance in October 2019 Cerence is a new independent company that has quickly gained traction as a leader in the automotive voice assistant space working with all of the world s leading automakers - from Ford and Fiat Chrysler to Daimler Audi and BMW to Geely and SAIC - to transform how a car feels responds and learns Its track record is built on more than 20 years of industry experience and leadership and more than 500 million cars on the road today across more than 70 languages As Cerence looks to the future and continues an ambitious growth agenda we need someone to join the team and help build the future of voice and AI in cars This is an exciting opportunity to join Cerence s passionate dedicated global team and be a part of meaningful innovation in a rapidly growing industry EQUAL OPPORTUNITY EMPLOYER Cerence is firmly committed to Equal Employment Opportunity EEO and to compliance with all federal state and local laws that prohibit employment discrimination on the basis of age race color gender gender identity gender expression sex sex stereotyping pregnancy national origin ancestry religion physical or mental disability medical condition marital status citizenship status sexual orientation protected military or veteran status genetic information and other protected classifications Cerence Equal Employment Opportunity Policy Statement All prospective and current Employees need to remain vigilant when it comes to executing security policies in the workplace This includes - Following workplace security protocols and training programs to familiarize with the ways to maintain a safe workplace - Following security procedures to report any suspicious activity - Having respect for corporate security procedures to allow those procedures to be effective - Adhering to company s compliance and regulations - Encouraging to follow a zero tolerance for workplace violence - Basic knowledge of information security and data privacy requirements e g how to protect data how to be handling this data - Demonstrative knowledge of information security through internal training programs