Civis Analytics is building a data-driven world.
We are building cloud-based products to help organizations do data science better and easier. We create technologies that empower organizations to unlock the truth hiding in their own data—transforming them into smart organizations that are ready to thrive.
We're solving the world's biggest problems with big data. Through research, experimentation, and iteration, we’re transforming how organizations do analytics.
While our history is rooted in political campaign targeting, we’re now partnering with intelligent organizations in healthcare, media, education, and a range of other domains.
We are a community of engineers, data scientists, and statisticians, and are looking to add to our growing team. We are smart, fun, and a little bit weird. Does this sound like you?
- B.S. or M.S. Computer Science, Information Systems, Information Security or related field (Math, Physics, Engineering) and equivalent security experience
- Excellent communication skills
- Enthusiasm for the constant fight to ensure security and ethical privacy on the internet and for our customers
- Exposure to security frameworks & compliance such as SSAE 16, HIPAA, FedRAMP, ISO 27001, etc
- Strong knowledge of UNIX/Linux and/or OS X
- Strong knowledge of TCP/IP and Networking
- Experience with sniffers such as tcpdump, WireShark, etc
- Experience with applied cryptography including PKI, SSL, and key management
- Experience with vulnerability testing tools such as Nessus, Qualys, OpenVAS, etc
- Strong knowledge of at least one modern scripting language (Python, Perl, Bash, etc)
- Ability to impress with knowledge of internet security issues
- Ability to be on call for incident response purposes
- At least one Security credential: GIAC (GCIA, GCIH, GPEN, etc) and/or CISSP preferred
- Experience working with HIPAA and FedRAMP Moderate compliance a huge plus
- Active member of the global security community a huge plus (research, blogging, presentations, conference attendance, etc)
- Experience with SQL and database administration (MySQL, Oracle, etc)
- Experience working with IDS/IPS (e.g. Snort)
- Experience with regular expressions (regex)
- SIEM experience (ArcSight, Splunk, QRadar, AlienVault, SumoLogic, etc)
- Experience performing security audits and working with external auditors
- Exposure to application security testing concepts (e.g. Fuzzing, XSS, SQL Injection, etc)
- Exposure to penetration testing frameworks such as Kali Linux and resident tools such as netcat, Nmap, Burp Suite, etc