Description

What you’ll do & how you’ll make your mark

Security Engineers are responsible for designing, building, and maintaining security solutions, security architectures, technical security standards, and technical baselines. These may include but are not limited to network security, endpoint security, detection and response, web, data, and cloud security controls. Security Engineers provide technical expertise and direction in building and supporting security solutions to ensure they operate effectively while meeting the needs of a global enterprise. A Security Engineer is expected to respond to and document threats and risks to information systems and networks, resolve technical issues, and ensure the proper utilization and function of security technologies to protect the enterprise.

Perform a wide variety of evaluation, maintenance, installation, and training tasks to ensure network security technologies are maintained in an optimal state and configuration.

Administer and maintain security infrastructure such as the SIEM, log management systems and forwarders, endpoint protection solutions, and other security technologies as required.

Resolve complex problems related to installation, implementation, maintenance, and operations of varying components of systems and infrastructure.

Participate in IT governance and change management processes to review system and network changes for alignment with information security policies, standards, procedures, and acceptable use.

Provide technical support for disaster recovery and cyber resilience testing.

Work with system engineers and developers to design optimal security practices when developing new systems, networks, and application functionality.

Assist in mitigating security risks associated with complex projects and challenges to the business.

Effectively communicate technical security concepts to various stakeholders.

Liaise with vendors and third-party solution providers to implement, manage, and maintain security solutions.

Advocate for security change across the company by building partnerships and clearly communicating the impact of risks.

Collaborate with the Blue Team and Security Operations to improve readiness and produce solutions for defenders.

Who you are & what you’ll need to succeed

Expertise across a variety of security products including firewalls, URL filtering, information security, antivirus protection, intrusion detection, and content filtering.

Ability to work in a fast-paced dynamic environment and to effectively listen and respond to business and IT objectives, shift needs, manage multiple tasks, and adapt to change quickly.

Experience with secure software development, data protection, cryptography, key management, Identity and Access Management (IAM), and network security (firewalls, VPNs) within on-premises and public cloud environments.

Knowledge of PCI-DSS, ISO-27001, and/or SOC 2 compliance frameworks and NIST 800-53 and the Center for Internet Security (CIS) security controls.

Working knowledge of the Internet Protocol version 4 and 6 suites, RADIUS, BOOTP, ARP, IP, ICMP, BGP, OSPF, TCP, UDP, LDAP, DNS, DHCP, SNMP, SMTP, SIP, GRE, NetFlow/cflowd, IPsec, PKI, Kerberos, and encryption protocols.

Familiarity with system orchestration and control infrastructure elements, API integration frameworks, OpenStack, DevOps, or similar system control elastic compute environments.

Working knowledge of and experience with both Windows and Linux operating systems and scripting languages such as Python, Perl, PowerShell, or equivalent.

Familiarity with defense-in-depth and zero-trust architectures.

Knowledge of system, network, and operating system hardening techniques.

Project management skills are a plus.

Experience with the following technologies is desired: SentinelOne Singularity Platform, Tanium, Google Chronicle SIEM, Cloudflare L3-L7 security technologies, Atomicorp (ModSec), Tenable.io, Lacework, Recorded Future, ServiceNow, Jira, Microsoft Defender for Endpoint, Microsoft Security and Compliance, VirusTotal, SiteLock, Monarx, NGINX.

Experience with the native security service solutions for public cloud service providers (AWS, Google, Azure, Oracle) is desired.

Educational and Certification Requirements

A degree in Cybersecurity, Information Technology, Computer Science, Engineering, or related field is desirable.

Industry-recognized certifications are a plus. Certifications may include: CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CEH (Certified Ethical Hacker), Information Technology Infrastructure Library (ITIL), certifications issued by the SANS Institute, etc.

Certifications issued by public cloud providers (AWS, Azure, Google, Oracle, etc.) are a plus.

 

Education

Any Graduate