MightyHive is a new breed of media consultancy that partners with global brands and agencies seeking transformative marketing results in a time of massive disruption and opportunity. Recognized as a global leader in advanced marketing and advertising technologies, MightyHive provides consulting and services in the areas of media operations and training, data strategy and analytics.
The company is headquartered in San Francisco, with teams in 19 countries and 24 cities around the world.
In 2018, MightyHive merged with S4Capital plc (SFOR.L), a new age/new era digital advertising and marketing services company established by Sir Martin Sorrell in 2018.
Summary of Role
We are looking for a Security Engineer who is able to understand the security objectives, interpret the identified risks, and implement the tools & processes to improve the level of security and can proactively detect opportunities for improvement.
As MightyHive continues to integrate tools with our parent company, S4 Capital, this role will have the potential to grow and be part of a larger global security team. This role is well-suited for those looking for new challenges and those who are interested in expanding their skillset.
Responsibilities will include:
- Implement security measures for the protection of endpoints, systems, accounts, and data
- Monitor security events for alerts within our tech stack, and investigate any potential breaches
- Routinely perform internal penetration tests and security audits4
- Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
- Perform continuous vulnerability management over the IT environment
- Complete security assessments & RFPs from clients
- Work with other teams to help prepare and document standard operating procedures and protocols related to security
- Interact with the IT and Legal teams, to ensure we are able to find the best security solutions for our company and use case, while also ensuring compliance with legal and private commitments.
- Handle security breaches according to defined policies and procedures, ensuring that all staff members are informed of the situation accordingly.defined policies and procedures, ensuring that all staff members are informed of the situation accordingly.
- Provide topics and materials for security-focused trainings
- Research and propose new security tools to implement different kinds of controls and measures
- 2+ years of relevant experience
- Knowledge of security requirements related to GDPR and CCPA
- Hands-on experience auditing and implementing security solutions across several unified platforms and tools. Bonus points for experience in:
- Cloud-Based SaaS: Google Workspace, Salesforce, Office365, Slack
- Cloud-Based Infrastructure: AWS, Google Cloud Platform
- Identity Access Management: OneLogin, Okta
- Network Infrastructure: Cisco Meraki, FortiNet, ZScaler
- Endpoint System Security: macOS, Windows, Android, iOS
- Network traffic analysis and events correlation
- Security incident handling
- Bonus points for experience performing white/black box penetration tests and assisting in resolving any discovered vulnerabilities
- Bonus points for experience working with security policies like ISO 27001, ISO 27032, NIST Cybersecurity Framework, NIST-800 series, SOC 2
- Problem solving skills and ability to work under pressure
- Detail-oriented and strong organizational skills
- Strong verbal & written communication skills
- Self-sufficient, proactive, and ready for a challenge
What we offer:
- Competitive salary
- Full coverage health insurance including Medical, Dental, and Vision
- 401K with Company contribution
- Flexible vacation time
- Paid Parental Leave after 1 year of service
- MightyHive cell phone plan