Senior Information Security Engineer
Reporting to the VP, of Information Security the Senior Information Security Engineer will actively operate tools in the endpoint, servers and cloud infrastructure security (IaaS and PaaS) space. The role will also oversee and improve operational security activity within domain of expertise; Investigate and solve problems of technology, process, and organization; Seek out, identify, and drive security capability via root cause attribution; and identify and evaluate solutions addressing root cause and capability gap.
A Day in the Life of the Senior Information Security Engineer
- About the role:
- Review technical security posture (network, application, database) for existing and newly acquired businesses or services
- Perform security review and monitoring of environments to check permissions of users, open ports/services and overall network setup
- Examine network, server, and application logs to determine trends and identify security incidents
- Use security tools to audit infrastructure, detect issues and coordinate remediation of any issues
- Perform monthly scans of the internal and external networks for critical or high vulnerabilities for adherence to compliance standards.
- Follow, develop and improve network and security configuration procedures
- Primary lead for new security projects
- Review requests for increased network access and provide risk-analysis.
- Manage endpoint security tools like antivirus, antimalware and incident response tools.
- Work with other teams to remediate discovered deficiencies.
- Protect cloud infrastructure and sensitive data on public infrastructure (IaaS) and platforms (PaaS)
- Provide practical solutions to ensure secure principles are achieved.
- Participate in training and education to maintain skill relevancy.
- Develop deep understanding of deployed technology infrastructure and relevant business drivers
- Support network and cloud security initiatives.
Required Qualifications - About you:
We are looking for candidates who possess the combination of the following achievements, skills and behaviors:
- Minimum 5 years of experience in the security industry managing security tools or securing devices, systems and applications.
- 1+ years of experience with managing endpoint security tools such as CrowdStrike, CarbonBlack Response, CarbonBlack Protect, Cylance and others.
- Experience with configuring and managing security tools and technologies.
- Experience troubleshooting and investigating security issues in cloud infrastructures.
- 1+ Experience with scripting languages for example, PowerShell, shell, python, Perl, etc.
- Prior Systems Administration experience will be a plus.
- Application development or AppSec experience will be a plus.
- Bachelors degree in Comp. Sci, MIS or other related field. Equivalent work experience will be considered if non-degreed
- Master's considered a plus
Skills & Personal Characteristics:
- Customer Centricity
Most work activities are performed in an office or home-office environment and require little to moderate physical exertion. Work activities may require periods of extended hours, critical deadlines and stressful situations. To successfully complete the tasks of this position, individuals must be able to communicate clearly (in writing and orally), comprehend business terminology, interpret numerical data.
This job description is intended to convey information essential to understanding the scope of the job and the general nature and level of work performed by job holders within this job. This job description is not intended to be an exhaustive list of qualifications, skills, efforts, duties, responsibilities or working conditions associated with the position.