As an Expert Information Security Engineer, you’ll join the Information Security Unit in which you’ll ensure that our tooling empowers Security teams to deliver secure, compliant & resilient services that add value to our customers. We own, use, and depend upon several security tools & platforms that need to interoperate and deliver towards Security’s roadmap and vision. When it comes to security tools, platforms, and agents, we believe less is more, and that seamless interoperability is key. Our tools and platforms need to add measurable value in a pragmatic and scalable way.
Interface with the Information Security Product manager to understand the What and Why.
Define the How when it comes to delivering on operational team (SecOps) requirements.
Work with the teams to implement all the stories in the backlog, based on prioritisation.
Contribute SME input towards long-term strategic initiatives in line with the Security roadmap and other business priorities.
Lead and participate in Proof of Value exercises, stating technical success criteria and testing/measuring against those requirements.
Focus on delivery by working with the Security Product manager, SecOps team/vendors, and by influencing roadmaps and release plans and contribute to the long-term vision of the Information Security Unit.
Implement continual, iterative improvements to our tooling and platform capabilities.
Collaborate with the Information Security Architect to ensure best practice configurations are in place.
Troubleshoot tooling & platform issues with different vendor engineering teams.
Facilitate the onboarding and management of various log source types into the SIEM platform.
Overall, you will have a high-level overview of the SOC/CSIRT's work and progress, identifying areas of improvement with respect to engineering, mentoring SOC/CSIRT members when it comes to engineering requirements and tool usage, and closely collaborating with the members as a team toward a collective goal.
Contribute to the technical direction on all areas of the PKI domain including policies, standards, strategies, automation and governance.
Develop, maintain and publish certificate management processes and procedures to administer certificates throughout their lifecycle.
Joint point of contact for certificate questions and resolution of certificate issues.
Minimum 5+ years working in security practices (CSIRT/SOC experience preferred).
Ability to quickly solve problems using coding, scripting, and automation.
Ability to coordinate with various stakeholders to understand Information Systems and to ensure the adequate detection controls are in place.
Should have good scripting knowledge (PowerShell, Python, VBScript, etc.); strong ability to create or customize scripts as needed.
Strong knowledge of Operating System (Linux, Windows, Mac, etc.) and Network internals; proven hands-on experience in Linux environments.
Strong understanding of IT fundamentals across networking, system, and application layers.
Strong understanding of Cloud infrastructure; preferably Azure and AWS.
Good knowledge of security engineering practices, web application security, and Cloud Security.
Excellent interpersonal and communication skills to share knowledge with peers and to communicate effectively with different stakeholders.
Expert knowledge of Security Incident & Event Monitoring (SIEM) tools for incident analysis, use-case management, and data-source onboarding.
Hands-on experience of Security Automation and Orchestration (SOAR) for Incident/SIEM Triage to automate L1 & L2 tasks to reduce alert fatigue.
Knowledge of PKI and X.509 certificates.
Understanding of Cryptography, Key Management and the usage of certificates for their intended purposes.
8+ years working in an enterprise-level organization with responsibilities related to computer security or system administration.
Strong written and verbal communication skills.
Strong technical analytical and problem-solving skills.
Security certifications such as GIAC or equivalent (GCIH, GCFA, GNFA, GCIA, etc.).
Experience working with distributed teams, willingness and experience in being a team player and dealing with people from various backgrounds and locations across the company; also possess the ability to work independently.
Knowledge of the automotive industry.
A Bachelor’s degree in Computer Science or equivalent.
Programming/coding and DevOps experience.
Knowledge of virtualization and containerization technologies such as VMware, Kubernetes, and Docker.
Experience with HSMs, PKI, Tokenization systems, data encryption solutions.
Experience with certificate management automation tools.
Knowledge of Endpoint Detection and Response (EDR) tools for incident analysis, Management, and automations.
Strong demonstrable knowledge of common attacker TTPs; thorough understanding of SOC-related frameworks and standards (MITRE ATT&CK, NIST, etc.).
We’re Information Security. We protect TomTom’s infrastructure, applications, employees and customers. We work alongside Enterprise IT, Commercial IT, Legal, Finance and HR to minimize risk and increase resilience across the business. We take an intelligence-driven approach, relying on innovative commercial and open-source solutions to proactively identify vulnerabilities and contain threats. On our team, you’ll help secure a safe, connected, autonomous world that is free of congestion and emissions.
We are self-starters who play well with others. Every day, we solve new problems with creativity, meet new people and learn rapidly at our offices around the world. We will invest in your growth and are committed to supporting you. In everything we do, we’re guided by six values: We care, putting our heart into what we do; we build trust (you can count on us); we create – it’s how we make a difference; we are confident, but don’t boast; we keep it simple because life is complex enough; and we have fun because life’s too short to be boring.
Our recruitment team will work hard to give you a meaningful experience throughout the process, no matter the outcome. Your application will be screened closely, and you can rest assured that all follow-up actions will be thorough, from assessments and interviews through onboarding.
TomTom is an equal opportunity employer
TomTom is an equal opportunity employer. We celebrate diversity, thrive on each other’s differences and are committed to creating an inclusive environment at our offices around the world. Naturally, we do not discriminate against any employee or job applicant because of race, religion, colour, sexual orientation, gender, gender identity or expression, marital status, disability, national origin, genetics, or age.