About this role:
The Security Engineer with play a key role in developing and executing security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company infrastructure.
Provide security expertise for defined projects, departments, or areas.
Proactively challenges company security postures (via technical audit or continuous improvement)
Provide expertise on internal/external security issues or incidents and implement long-term remediation.
Monitor and research attempted or successful efforts to compromise systems security.
Administer and monitor compliance of security policies.
Research and implement options for new or improved technology.
Research and remain current on cyber security threats in the IT space.
Identify, analyze and resolve enterprise security design weaknesses.
Manage, administer and maintain security tools and utilities.
Recommend security enhancements to management or senior IT staff.
Influence and mentor IT team and developers on security topics.
Qualifications:
The Security Engineer must be able to:
Think critically about, investigate and respond appropriately to security events.
Work independently with little management oversight.
Education, Experience, and Special Skills:
Bachelor's degree in IT or related area of study, or comparable work experience
At least 5+ years of progressively increasing responsibility in the areas of information security, risk assessment, cybersecurity or information technology.
Experience with multiple environments and operating systems, devices and databases including Windows Server, Active Directory, VMWare, Azure or AWS is preferred
Strong analytical and problem solving skills
Strong incident response background
Fundamental understanding of security related technologies such as SIEM and SOAR
Must have and maintain one or more IT Security Assurance certifications such as CISSP, CISA, CISM, CIPT and/or CCSK
Strong understanding of information security standards, concepts, controls, testing techniques and technical risk assessment