Job Description :
Supervisory Responsibilities:
There are no supervisory responsibilities associated with this job

Minimum Qualifications:
10+ years hands-on information technology security experience
A Bachelor’s degree from an accredited institution or an equivalent combination of education and work experience.
Must have current Certified Information Systems Security Professional (CISSP) certification; additional certifications such as GIAC, CEH, LPT, PCI-ISA, etc. are preferred.
Experience with PCI, ISO, and threat analysis and detection capabilities
Significant experience in working within an incident response program, including management of third-party service providers preferred.
Experience with vulnerability and penetration testing and the underlying security toolbox desired.
Familiarity with the changing threat landscape, updated by continual review of mainline and trade reportage, required.

Requirements and General Skills:
Self-motivated to constantly hone information security knowledge and skills
Good public speaking and presentation skills
Interpersonal skills and ability to interact and work with staff at all levels
Excellent written and verbal communication skills
Ability to work independently and in a team environment
Ability to project a professional image over the phone and in person
Commitment to “internal client” and customer service principles
Strong organizational skills and attention to details
Excellent time management skills, with the ability to prioritize and multi-task, and work under shifting deadlines in a fast paced environment
Must have legal right to work in the U.S.
Sirius XM is a 24/7 operational entity and, from time to time, the Senior Information Security Engineer is expected to serve as an on-call resource and to participate in security activities outside of normal business hours.
This position may require 50-75% travel

Technical Skills:
Relevant work experience designing and implementing security controls and securing systems, applications, and infrastructure (5+ years)
Vulnerability and penetration testing tools and techniques (2+ years)
Malware protection and response (2+ years)
IDS/IPS and security event/ log monitoring and correlation (2+ years)
Security program implementation (1+ years)
Working knowledge of ISO standards, PCI, OWASP Top 10
Experience with internet facing services and 24x7 environment
Experience with telematics services is preferred