When you click 'Apply', you will need to click on 'Create Account'. By creating an account, you will be able to view your applications and their statuses. Your password must contain 8 characters, 1 upper case letter, 1 number and 1 special character. Please make sure your name is formatted correctly and not in all uppercase.
WHO WE ARE
A subsidiary of Mr. Cooper founded in 2012, Xome was built on the belief that the process of buying/selling a home shouldn’t undermine the excitement of home ownership. In working to bridge the offline and online worlds of real estate, we’ve opened new possibilities for home buyers/sellers and more business for real estate professionals.
Xome is comprised of industry leading real estate and technology companies, including Title365, and Xome Labs, united by the shared goal of forever transforming the real estate experience. Learn more at http://www.xome.com
The Security Engineer is responsible for supporting various security technologies and infrastructure in alignment with the Xome Information Security Program, related information security policies and standards, regulations, practices, and procedures. This position will execute information security processes and procedures in support of all Xome businesses. It requires a strong understanding of the following facets of information security: security engineering application security, infrastructure security, security event monitoring, intrusion prevention, incident response, eDiscovery, and forensic, regardless of operating system platform.
- Implement and support solutions that comply with Xome Information Security Policies and Standards.
- Supports technologies related to applications, infrastructure, and end-point security.
- Identify, research, report, and track hardware/software vulnerabilities, and execute mitigation strategy/efforts.
- Ensure the confidentiality, integrity, and availability of Xome information assets.
- Suggests and develops security measures, practices, and processes to safeguard information against accidental or unauthorized modification, destruction, or disclosure.
- Participates in the measurement and reporting of compliance activities with approved information security policies and standards to management.
- Participates in the gathering of information security metrics on a monthly, quarterly, and yearly basis.
- Maintain a balanced knowledge base of information security management industry practices and regulatory requirements as well as technology-based security solutions.
- Support existing and emerging security infrastructures, frameworks, methodologies, and platforms.
- Participate in the testing of security solutions and reporting observations to reporting management.
- Participate and recommend gap remediate efforts in regards to Information Security.
- Conduct security reviews of security infrastructures, frameworks, methodologies, and/or platforms and produce detailed documentation.
- Answer service calls and meet service level agreements. When required, escalate issues to vendors and/or other support teams.
- Assist in the incident response process as required.
- Provide support for mergers, acquisitions, and divestitures.
- Manage and lead security projects and/or initiatives.
- Provide technical support for security initiatives involving security infrastructures, frameworks, methodologies, and/or platforms.
- Provide mentorship for Security Analysts.
- Educate peers, security personnel, and other security staff about security infrastructures, frameworks, methodologies, and/or platforms.
- Support information security implementations & promote Information Security policy enforcement throughout Xome.
- Provide security engineering recommendations and guidance to security leaders and stakeholders.
- Support gap remediation efforts as directed by security leaders.
- Assist with investigating the potential impact of technologies and communicate findings to security leaders.
- Engineer technology platforms and infrastructures in alignment with Xome security standards and strategic roadmaps.
- Develop basic secure standards, requirements, diagrams, and/or documents for security infrastructures, frameworks, methodologies, and/or platforms needs.
- Reviews technical solutions and make recommendations in alignment with Xome security requirements.
- Collaborate with various security teams on infrastructures, frameworks, methodologies, and/or platforms needs.
- 5+ of experience the field of IT, information security, security event monitoring, incident response, eDiscovery forensic, infrastructure administration, compliance, security administration, audit and/or risk (with a broad range of exposure to all aspects of system maintenance, lifecycle management, technical support, systems analysis, risk management, application development and change management)
- 3+ years of experience on working projects.
Knowledge and Skills
- Proven leadership skills.
- Excellent written and verbal communications.
- Ability to manage multiple and complex priorities.
- Solid understanding of the follow areas: information security, system administration, IT support, compliance, audit, risk management, and change management.
- Expert knowledge of Security Infrastructure controls (networks, server and end user computing devices) system administration, and business continuity planning and practices.
- Expert knowledge of the information security engineering and system lifecycle support.
- Strong application and infrastructure security experience (i.e. Anti-virus, firewalls, cryptographic management (PKI), network protocols, filtering, etc).
- Strong experience with security tools used to find security vulnerabilities (i.e. web, OS, infrastructure).
- Strong experience with incident response.
- Practical knowledge of programing languages used to automate and/or enhance security process such C++, C#, Perl, Java, XML, and others.
- Solid understanding of operating system internals, networks, applications, databases, and cloud technologies.
- Strong knowledge of relevant security standards (NIST, ISO, etc) and ability to align them to secure engineering designs.
- Strong knowledge of technologies that support including, but not limited to:
- Authentication and authorization
- Identity and Access Management
- Web technologies
- Application servers
- Database Management Systems
- Web Application Firewalls
- Web services
- End-Point Security
- Data Loss Prevention
- Forensics tools
- Familiarity information security investigations and forensics
- Familiarity with legal, regulatory and industry security requirements and frameworks. Including, but not limited to the following:
- International Organization for Standards (ISO/IEC 27001)
- Payment Card Industry – Data Security Standards (PCI – DSS)
- Key skills include the following, as well as other competencies
- Analyze Problems and Make Decisions - Commit to a course of action after identifying and assessing alternatives based on logical assumptions, facts, resources, constraints and organizational values.
- Build Credibility and Trust - Adhere to Xome values and high ethical standards of behavior by demonstrating respect, honesty, consistency and fairness when interacting with colleagues, customers, business partners and other stakeholders.
- Collaborate with Others - Work effectively with others both within and across Xome businesses, establishing and maintaining productive working relationships.
- Deliver Results - Tenaciously work to meet or exceed expectations by keeping self and others focused on achieving critical goals.
- Professional/Technical Expertise – Knowledge of security technology platforms; ability to relate business requirements and risks to implementation of security systems
- Bachelor's degree in Business, Computer Science, Engineering or related discipline or equivalent experience.
- Active security certification desired or willingness to obtain.
- CompTia Security+
- GIAC Security Essentials
- Certified Security Analyst (ECSA)
- Certificated Ethical Hacker (CEH)
- Offensive Security Certified Professional (OSCP)
- Certified Cyber Forensics Professional (CCFP)
- Certificated Information Systems Security Professional (CISSP)
Xome is committed to nurturing a diverse and inclusive environment where every employee is empowered to be their authentic self. We know that a large part of our success as a business is directly tied to our ongoing efforts to attract and retain diverse talent and maintain an inclusive environment where each employee can thrive. Embracing and leveraging diversity through an inclusive work environment fosters new ideas, new insights, and constant innovation. We strive to weave the principles of diversity and inclusion throughout the fabric of how we work, how we interact, and how we engage with our customers and the community.
Job Requisition ID:
Primary Location City:
Primary Location Region:
Primary Location Postal Code:
Primary Location Country:
United States of America
Line of Business:
Additional Posting Location(s):
***To be updated by HR***