Security Engineer

Security Engineer

Requirements

• B.S., Information Technology, Computer Science or related (or equivalent combination of education and experience) along with at least 5 years related IT Security experience.
• M.S. degree preferred.
• Must have hands on hardware and software troubleshooting experience.
• Knowledge of Microsoft Office Suite.
• Endpoint Management Experience (BigFix, WSUS/SCCM, Symantec, Trend Micro, etc)
• Identity and Access Management
• Certificate Management
• Patch Management (Windows and Unix)
• Intrusion Detection and Prevention
• Security Awareness Training
• Mobile Device Management
• EDR (Endpoint detection and response)
• Web Content Filtering
• Device Encryption
• Vulnerability Assessment Tools
• Firewall and VPN
• Secure E-mail, Anti-SPAM
• Webserver applications
• Web API Service Security
• Business Continuity (Disaster Recovery)
• Compliance and Audit (HIPPA, HITRUST, SOX, and PCI a plus)
• OS Administration (Windows and Unix)
• Authentication and SSO
• Container Security

Responsibilities

• Enforces policy and supports security procedures, applications, and systems through the documentation of the resolution of assigned cases that range from simple to complex.
• Recommends changes to existing security process and procedures.
• Uses strong endpoint skillset to enhance automation of endpoint vulnerability detection and remediation.
• Ability to utilize Endpoint Threat Detection and Response/Hunting toolsets.
• Creates requirements for product evaluations and/or procedures to enhance productivity and effectiveness.
• Provides direct support to the business and IT staff for security related issues.
• Drives the delivery of new and upgraded security applications, systems, and workflow.
• Tests new systems for effective operations.
• Patch management for endpoints following security best practices including operating system patching, firmware updates, etc.
• Reviews system-related security plans throughout the network.
• Leads and/or participates in efforts to proactively maintain and improve the automation, reliability, consistency, and the quality of existing IT security tools and environments throughout the organization.
• Assists in the design, deployment, integration and configuration of security solutions or enhancements to ensure functionality.
• Ensures the confidentiality, integrity, and availability of data residing on or transmitted to, from, or through the enterprise workstations, servers, application systems, and data repositories.
• Initiates, facilitates, and promotes activities to create information security awareness.
• Disseminates and educates users on security policies and practices.
• Participates in regular security awareness training and updates to ensure consistent compliance with IT Security Policies.
• Works cross-functionally and interacts with internal business units and stakeholders to support the business’ needs.
• Using an automated customer case request system, tracks and documents security service requests and completed cases.
• Maintains up-to-date industry knowledge through formal/informal training, industry associations and research of latest technologies critical to the success of the company’s information security program.
• Continuously works to identify and improve security solutions to defend the company against data security threats.
• Apprises and keeps management aware of security issues; handles and/or escalates issues appropriately.
• Provides guidance/training to less experienced staff.

Preferred Qualifications

• M.S. degree preferred.
• Security Certification strongly preferred.
• OWASP, ISSA, ISACA membership a plus.