Security Engineer

The Security Engineer is responsible for implementing proactive and responsive improvements in information security. The Security Engineer should understand common security controls and requirements as well as be able to "think like a hacker" and then be able to participate in researching, developing, and implementing solutions. Typical tasks include setting up new security rules and alerts, creating and administering vulnerability scanning programs, and implementing and managing new security tools, processes, and procedures.

Job Responsibilities

• Install security measures and operate software to monitor, analyze, and maintain systems and procedures to safeguard information systems, networks, databases, and external services
• Install security measures and operate software to identify potential security breaches and intrusions
• Utilize "red teaming" and adversarial tactics against information systems, networks, databases, and external services to discover vulnerabilities and weaknesses
• Implement vulnerability discovery tools and assist and monitor remediation efforts
• Recommend, implement, and work with other teams to make changes and instill best practices to enhance security
• Respond to alerts from information security tools and other sources
• Report, investigate, and assist in the resolution of security incidents
• Oversee internal or external systems security (i.e., cloud services)
• Participate in internal and external information security audits
• Design and develop security controls and work with other teams to ensure compliance with regulations, privacy laws, and audit requirements
• Be a subject matter expert for the company on IT security-related events, news, and issues
• Maintain safety, security, and privacy standards throughout all areas of responsibility.

Knowledge

• Solid technical understanding of wide range of security technologies, protocols, and standards (e.g., Active Directory, multi-factor authentication, networking, DNS, etc.)
• Solid technical understanding of weaknesses, vulnerabilities, and exploit techniques
• Awareness of security trends and developments

Skills

• Implementing/managing security tools (SIEM, vulnerability scanning, anti-virus, EDR, etc.)
• Systems administration
• Red teaming
• Vulnerability analysis and management
• Programming/scripting
• Experience with M365, Splunk, Cloudflare, Proofpoint and New Relic supporting our businesses SaaS based platform.

Abilities

• Ability to work in a team environment
• Ability to communicate information and ideas, both verbally and in writing, so others will understand
• Ability to thrive in dynamic, fast-paced software development environment
• Proactive, detail-oriented professional
• Ability to establish priorities, work in independent and team situations, and proceed with objectives as needed
• Ability to work with all levels within the organization
• Flexibility to adjust to changing priorities and simultaneously work on high visibility projects to assure completion
• Ability to take a practical business-focused approach to IT Security
• Strong analytical, problem-solving, communication, and technical skills

Other Essential Requirements

• Requires a bachelor's degree (or international equivalent) or 5+ years of relevant experience.