The Senior Information Security Engineer will have a passion for managing corporate security along with a desire to champion best practices. This role is responsible for performing all functions required to support day-to-day data security operations, supporting and maintaining a broad suite of information security infrastructure, accountable for security and networking infrastructure component availability and integrity, monitoring compliance with IT security policy, and coordinating investigation and reporting of security incidents. Participate in the planning, design, installation, and maintenance of security systems in support of security policies. Work with Information Technology staff and business units to assess risk and address security issues.
ESSENTIAL DUTIES AND RESPONSIBILITIES
- Collaborate with business leaders to establish appropriate strategies for computer security architecture and infrastructure based on the current and future information security risk landscape
- Analyze information security systems, applications, make recommendations and develop security measures to protect information against unauthorized modification or loss
- Ensure the appropriate technological security measures, risk, and audit assessment procedures are employed to protect company information assets. Direct the implementation and administration of the information security measures as required
- Maintain a security awareness program for new and existing employees
- Proactively identify threats, vulnerabilities and risks to computer security
- Design, apply and manage access controls using knowledge of active directory, profiles, resources and class structures for securing user and role-based access to data / system resources
- Manage security responsibilities, including firewalls, proxy systems, logging, and other security devices.
- Create and review reports on event anomalies.
- Develop and maintain security policies.
- Raise awareness of security policies and develop corresponding procedures.
- Assist in the enforcement and monitoring of Compliance regulations.
- Investigate and respond to security violations.
- Defines security requirements and assess systems to determine if they have been designed to comply with established security standards. Develop new standards as necessary.
- Analyze business needs, researches and recommends solutions.
- Establish and manage relations with vendors and related equipment suppliers.
- May perform other duties and responsibilities as assigned
JOB QUALIFICATIONS: Education & Experience Requirements
- 7+ years of experience in a security engineering role with proven experience in enterprise network architecture, management, capacity planning, and monitoring
- Current CISSP or CISM holder or ability to certify within one year
- Technical certifications such as CCNA, CCSA/CCSE, Security +, and MCSE are preferred
- 5+ years of practical working experience and knowledge of IT systems / network administration, including but not limited to Microsoft Active Directory, Group Policy Objects, Microsoft Server 2003/2008/2012/2016, Windows XP/7/8/10
- Expertise applying industry good practice to secure MS Azure and O365
- Recent experience working with Agile teams and the Agile methodology
- Prior experience working with DevSecOps practices
- Recent hands-on experience with Checkpoint firewalls is required including managing rules, performing upgrades, monitoring, and troubleshooting
- Experience managing an enterprise anti-virus solution is required, Symantec Endpoint Protection version 14/15 is preferred
- Proven ability to lead an enterprise vulnerability management program using Tenable solutions
- Management of industry recognized email, web filtering, and SIEM solutions are required
- Experience participating in a successful PCI DSS or ISO27001 compliance program
- Solid understanding of LAN, WAN, TCP/IP, Internet, wireless, email security, OS security policies, VPN, IIS web server security, WAF’s, and firewalls
- Foundational knowledge of security mechanisms in other operating systems such as Linux, iOS, and Android
- Comprehensive understanding of formal Penetration Testing and Vulnerability Assessment methodologies
- Experience implementing controls to support industry standards such as CIS Benchmarks, SANS Top 20, and OWASP Top 10
- Familiarity and practical application of the CWE, CVE, and CVSS
- Strong documentation skills to include diagrams, charts, standards, and technical writing
- Experience designing, selecting, reviewing, and implementing vendor solutions applying a formal procurement process
- Possess scripting language skills using MS Powershell, Python, etc., sufficient to perform required duties
- Identity Access Management experience with Okta is preferred but not required