Senior Information Security Engineer

Responsibilities:

• Security Control Design and Implementation
• Ensure the rigorous application of cybersecurity policies, principles, and practices in the delivery of all IT and cybersecurity services
• Design, and implement cost-effective, controls to reduce business risk from real-world attacks such as ransomware, DDoS, data theft, and account takeovers
• Design and optimize our network boundary protections and sensitive data flows using tools such as firewalls, VPNs, IPS/IDS, CASB, wireless security, network access controls, and web and email security
• Implement and support Single Sign-on, PAM, Multi-factor Authentication, Enterprise Mobility Management, security certificates and the SIEM solutions
• Identifies, plans, and documents improvements to security controls already in place
• Security Advocate within the Business
• Play an advisory role in IT projects to assess security requirements and controls and to ensure that security controls are implemented
• Lead or manage efforts on penetration testing, code reviews, design/architecture, and system security reviews.
• Assess applications and the associated data flows for risk to sensitive data, systems, or infrastructure.
• Provide management and business clients with information related to security and threat trends to protect the company from internal and external intrusions and risks
• Act as an agent of security awareness, foster and influence good internal information security practices through presentations, training, and other communication opportunities
• Incident Handling and Response
• Act as an escalation point in the investigations of cyber alerts, events, and incidents to ensure thorough investigation and response
• Review and recommend improvements to incident response process and procedures and lead annual exercises
• Maintain Situational Awareness
• Validate Hardware and Software Inventories
• Ensure all systems and devices on the company network are adequately patched and hardened
• Maintain a current awareness of information security issues and trends and provide educational briefings to peer groups within the Information Technology department
• Maintain professional security certifications and accreditations
• Other responsibilities as required

Qualifications:

• Bachelor’s degree in IT, Computer Science or related discipline preferred
• 7 years’ experience maturing and improving information security programs
• Comfortable leveraging outside experts for implementation assistance and support
• System engineer level understanding of infrastructure technologies such as Active Directory, virtualization, and Windows operating systems
• Functional knowledge of modern networking protocols such as TCP/IP, IPSEC, VPN, MPLS, and SD-WAN
• Understanding of cyber kill chain as it relates to attacks by cyber-criminals against corporations
• Experience implementing security controls including IDS/IPS, firewalls, EDR, MFA, SSO, PAM, and email filtering
• Experience using SIEM tools for log collection, incident detection, and investigation
• Excellent written and verbal communication skills
• Persuasive negotiator able to exert influence without authority
• Experience identifying cost-effective solutions for complex problems within corporate enterprise
• Excellent analytical, troubleshooting, and problem-solving skills
• Solid grasp of vulnerability management, including an understanding of the process and activities associated with vulnerability identification and remediation
• Demonstrated ability to identify security events based on network, computer, and user behavior and investigate to eliminate false positives
• Demonstrated ability to identify security vulnerabilities in proposed solutions and suggest alternatives that accomplish business goals while reducing risk
• Experience hardening and applying modern security standards across servers, workstations, SaaS-based solutions, and network equipment
• Demonstrated track record staying up to date with Information Security and threat intelligence knowledge across the security and tech communities.
• Knowledge of security frameworks and methodologies such as CIS Top 18, NIST Cybersecurity Framework, and PCI DSS
• Remain flexible in your point-of-view to support the direction taken by the business
• Possess solid understanding of cryptography basics (public/private keys, TLS certificates, PKI, etc.)
• Professional certifications such as GCIH, CISSP, CySA+ a plus