Information Security Engineer 2

Company: Usg
Location: Chicago
Posted on: April 3, 2025

Job Description:

ABOUT OUR DIGITAL CUSTOMER EXPERIENCE JOURNEYCapability transformationUSG is evolving its digital customer experience and translating the objective of being easiest to do business with into a sustainable technology roadmap. The digital transformation includes upgrading our technology stack and augmenting our teams, developing new digital platforms, and integrating a best-in-class eCommerce operating model to deliver exceptional customer experience from design planning to order delivery.ROLE SUMMARYThe Information Security Engineer will be a key role in the USG IT information security team, fully supporting USG's digital transformation effort and is responsible for supporting the business transformation roadmap while ensuring USG's IT security standards for safeguarding the environment, data, ensuring compliance with regulations, and protecting against security threats. They must ensure security controls are maintained and respond to cybersecurity risks or incidents.USG offers a hybrid workplace. The office location is Chicago, IL. Minimal travel may be required.DEFINITION OF THE TEAMUSG's IT Security team is responsible for safeguarding the company's digital assets and ensuring the confidentiality, integrity, and availability of information. The team's primary responsibility is to develop and implement comprehensive security policies, procedures, and controls that align with the overall enterprise security strategy and standards to protect our assets and operations.This team fosters a secure digital environment that supports the organization's operations, enhances trust with stakeholders, and drives business continuity through effective risk management and incident response. The IT Security team collaborates closely with various departments to understand their business needs and design security solutions that meet those requirements effectively while protecting USG.KEY ACCOUNTABILITIES AND RESPONSIBILITIES

• Maintaining Security Protocols: Assess and monitor existing security measures, identify any weaknesses, and propose improvements or modifications accordingly. Perform technical security assessments, design reviews, and code audits.
• Ensuring compliance and security: Ensure data systems comply with relevant regulations and security standards. Develop measures to protect data privacy and ensure the security of data pipelines and analytics infrastructure.
• Risk assessment: Assist cybersecurity risk assessments and mitigation efforts, and participate in incident management and response planning activities.
• Collaboration and communication: Collaborate with cross-functional teams, especially within customer experience teams of USG, including IT, data science, and business units of customer experience teams, to mitigate risk. Guide engineering teams in making informed security decisions on infrastructure, systems, and applications design.KEY QUALIFICATIONSEducationBachelor's degree in Computer Science, Information Technology, Cyber Security, or a related field. Relevant certifications such as Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).Required Skills
• 4+ years experience in information security and risk management.
• In-depth knowledge of IT security frameworks and regulations such as ISO 27001, NIST, and GDPR.
• Evaluate and manage the security risks associated with third-party vendors and cloud service providers.
• Practical experience in cloud technologies, preferably Azure.
• Proficiency in security tools and products, including firewalls, IDS/IPS, SIEM, and vulnerability scanning.
• Ability to translate technical security risks into clear, concise, nontechnical terms.
• Excellent problem-solving skills to address security challenges.
• Strong collaboration skills with the ability to work effectively with cross-functional teams, including IT, data science, and business units of customer experience teams.
• Strong ethical standards and integrity.Preferred Skills
• Experience with digital transformation projects and strategies.
• Familiarity with code security tools like SonarQube, Fossa or CheckMarx.
• Proficiency in programming languages commonly used in security, such as Python and Powershell.
• Experience with security standards for cloud applications including in the implementation of digital solutions.
• Experience with network security design and implementation, penetration testing, and vulnerability assessment tools.
• Experience in overseeing or implementing automation in security engineering.
• Experience with data security and privacy.USG offers a comprehensive benefits package including medical, dental, and vision insurance, a 401(k) plan with company match, and paid time off.Since 1902, Chicago-based USG has been a leader in producing innovative, award-winning products and systems to build everything from major commercial developments and residential housing to home improvements. USG's employees are committed to the highest levels of customer satisfaction and quality in everything we do.EOE including disability/veteran
  #J-18808-Ljbffr

Keywords: Usg, Chicago , Information Security Engineer 2, Engineering , Chicago, Illinois