Sr. Security Engineer
Senior Security Engineer
What you'll be doing:
As an IT Security Engineer, you’ll be an advocate for the future in IT Security and Compliance. You will have the opportunity to develop, implement and maintain security solutions and mechanisms throughout our corporate and production environments. Additionally, you will assist in setting the architectural direction and interfacing with business and technology groups throughout the organization to deliver cutting edge solutions.
Your core priorities will be to:
- Provide network and application (Application is a plus) security guidance to IT teams
- Continuously evaluate the infrastructure (on-prem and cloud), propose enhancements and design changes as needed
- Practice proactive maintenance to ensure proper security posture
- Evaluate new technologies and trends, while making recommendations to improve the security of our environment
- Collaborate with Product teams, Engineering, Development, and Compliance to ensure operational readiness of new solutions and ongoing optimization/improvement of existing solutions
- Oversee and develop security standards based on security best practices
- Develop a methodology for log aggregation, monitoring, and analysis to enable fast response to security events
- Assist with framework development for internal pen test and vulnerability assessments
- Provide security training across IT teams
- Respond to security incidents, assist with troubleshooting and provide on-call support as needed
What you should have:
- In-depth knowledge of topics such as IPS/IDS, Firewalls, cloud security, DDoS, SIEM, etc.
- Strong understanding of IT security principles along with heavy security operations experience
- Background in application security, secure SDLC and penetration testing (This is a plus)
- Experience with large Linux environments
- Understanding of networking principles and protocols
- A Bachelor’s degree in IT Security, Engineering, Computer Science, or related study
Nice to have:
- CISSP, CISA, CISM, or other related certifications
- Experience with PCI-DSS
About our team:
Our IT Security Engineering Team works alongside our Systems, Monitoring, Application Engineering, and Network Engineering teams to deliver top notch, secure infrastructure and automation solutions. We are experts in the IT security field, but are also well-versed in networking, applications, development life cycles, and automation techniques. We have passionate debates about technology with consensus in solutions, flexible team structures, an irrelevance of title in problem solving, and a desire to do the right thing.
Each member of our team works and supports all security tools and will never be limited to a specific solution allowing for continued growth.
We currently use a multitude of Security tools such as Palo Altos, Cisco ASAs, F5 technologies, AWS security services, ForeScout, Proofpoint, CyberArk, Nessus and Splunk SIEM to provide security controls throughout the environment. Our server and application platform primarily runs on Vmware and several workloads exist in Amazon, with plans to expand services into the cloud.