18 Sep
Sr Security Engineer
Vacancy expired!
- Leadership & Project Management
- Design, develop, implement, and maintain security systems and technologies while managing multiple simultaneous complex technical projects with limited guidance from security leadership
- Lead incident response activities, tabletop exercises, IR planning, etc.
- Mentor, develop, and guide peers in Information Security as well as other technology teams throughout the organization
- Drive team's execution of all assigned OKRs
- Track and report on KPIs
- Serve as ultimate technical escalation point for internal Security Analysts as well as the MSSPs, such as the MDR & SOC teams
- Provide thought leadership to influence the direction of the information security program
- Core Engineering
- Design, deploy, manage, enhance, tune, and expand enterprise-wide security systems, including enterprise encryption, SWG, ZTNA, NGFW, NGAV+EDR, large scale security event logging and correlation systems, WAF, DLP, PAM, MFA, IDAM, decoy systems, central config control systems such as SCCM/Intune/MEM & JAMF, etc.
- Evaluate and advise on the applicability, effectiveness, and/or necessity of new and existing security tools
- Build and manage code security testing processes and systems, and advise and assist developers with secure coding practices, applying modern security technologies to the design and integration of internally developed applications
- Work with application and infrastructure teams to ensure the safe and security-integrated development and deployment of COTS, SaaS, IaaS, PaaS, etc.
- Secure M365 (ATP, AIP, etc.), AWS, & Azure designs & configurations, and ensure integration with core security systems and controls
- Develop software and/or configure system automation framework tools (e.g. SOAR, API integration, etc.) to automate repetitive tasks
- SecOps & IR
- Function as the security technical SME during incident response, and perform forensic analysis of security incidents
- Lead efforts to mitigate and investigate security threats, and support other IT organizations in the diagnosis of potential security incidents
- Support
- Interface with both technical and non-technical individuals and groups to assist with security issues and identify new security opportunities arising from advancements in security and newly defined security best practices.
- Partner with other teams in the design and implementation of systems, applications, processes, and/or other related technologies to adhere to security and compliance best practices, regulations, laws, and/or company programs, procedures, policies, and guidelines
- Reporting & Documentation
- Work with SecOps to perform routine (daily, weekly, monthly, quarterly, & yearly) reporting on our security events, trends, and system hygiene & posture, such as on our IaaS environments & critical SaaS environments
- Regularly report on security program and project status, performance, and gaps
- Develop and maintain security documentation including diagrams, security standards, and disaster recovery manuals, and support the security strategy by outlining the requirements and benefits of specific security tools and/or solutions
- Governance, Risk, & Compliance
- Manage penetration tests, perform enterprise-wide vulnerability assessments, and perform and/or assist with remediation efforts
- Assist Risk Management with the identification and documentation of risks throughout the environment, including the evaluation of incoming systems
- Support internal, customer, and independent audits, as necessary
- Draft, implement, maintain, and monitor enterprise security procedures, policies, & controls
- Develop, implement, and maintain solutions and security architecture to address identified risks
- Assist in the development of solutions to address defined security remediation action plans, including POAMs and Risk Treatments
- Other Duties
- Design, implement, and support physical security access management and monitoring solutions
- Work with management and technology leads within the organization to ensure alignment with shared goals and strategies
- Maintain current knowledge of industry trends in security and compliance
- Bachelor's Degree in Computer Science, Computer Engineering, or Information Security / Cyber Security, or equivalent combination of education, training, and experience
- Technical security certificates preferred - e.g. SANS GIAC, vendor-specific security certs, top non-security certs, such as CCIE, etc.
- Non-technical security certificates a plus - e.g. ISC(2) CISSP, ISACA CRISC, etc.
- Minimum 7 years of experience in a full-time Information Security role or other technical role that lends itself to skills needed for Information Security, such as infrastructure or software engineering
- Scripting &
- Extensive experience developing with programming languages to interact with, and manipulate data from, systems such as AD, MS Graph API, etc.
- Deep experience building-out and managing enterprise-wide logging environments using both legacy (syslog-based) and advanced (API-based) logging methods
- Security-relevant expertise around Active Directory & GPOs, Azure AD, Linux, and Windows Server & Workstation Oss
- Experience developing software using modern OOP languages such as Python, Go, etc. & using Git for SCM
- Extensive experience with standard ITIL methodologies, such as incident, problem, request, & change management
- Experience working within an ITSM, such as ServiceNow, JIRA, ZenDesk, etc.
- Experience implementing AWS or Azure security controls
- Very strong experience with MS Office tools & web-based collaboration tools
- Extensive knowledge of core security systems, such as NGAV/EDR, SWG, decoy systems, SIEM, WAF, DLP, vuln scanners, whole disk encryption, PAM, IDAM, MFA, etc.
- Experience developing advanced security-specific automation, such as with SOAR or vendor/application-specific security automation
- Networking expertise, including application-aware NGFWs, TCP/IP core tenets, packet analysis, core routing & switching, wireless network security, advanced remote access systems, such as ZTNA, network-based decoy techniques, and 802.1x.
- Strong knowledge of, or experience with, Microsoft 365 security & compliance controls
- Understanding of MITRE ATT&CK Framework and associated threat actor techniques
- Medical, Dental, and Vision insurance
- Employer Paid Basic Life Insurance and AD&D
- Voluntary Life Insurance (Employee/Spouse/Child)
- Health Care and Dependent Care Flexible Spending Accounts
- Pre-Tax and Post Tax Commuter and Parking Benefits
- 401(k) Retirement Savings Plan with Company Match
- Paid Time Off
- Paid Parental Leave
- Short-Term and Long-Term Disability
- Tuition Reimbursement
Vacancy expired!