Salary Range:$125,000.00 To 155,000.00 Annually
JOB SUMMARY:
Reporting to the Director of Information Security Operations, the Security Engineer is responsible for the day-to-day administration and SME of our security tooling, including utilizing one or more of these tools to ensure we comply with policies, regulations, and security best practices. The Security Engineer will also collaborate with our IT Engineering Team to remediate any insecure system/network/cloud architecture design, application/security control exceptions, vulnerabilities, and misconfigurations identified by our security tooling.
In addition, the Security Engineer will primarily support the Security Operation with data loss prevention, privilege access management, SIEM, firewall configuration, content filtering, file integrity monitoring, secure e-mail platform, and security tool deployment. The security Engineer will also be backup to our security monitoring functions, including assisting the Team in investigating potential security incidents, including containment and evidence gathering. As such, the Engineer will need to keep current not only on the latest threats and emerging cybersecurity risks but also assist in designing security controls and/or mitigation to reduce the likelihood and impact of a materialized attack.
The ideal candidate must possess at least five years as a security engineer, be meticulous and conscientious, and have strong technical skills in system, network, and cloud security while working in a heavily regulatory environment. The candidate should be a self-starter with great prioritization, consistent drive, and an innate ability to work in a fast-paced environment. Strong written and oral communication skills, the ability to work in a team environment, and a collaborative attitude are required.
Note: Please list the security stacks/tools you have worked with as part of your resume.
PRIMARY FUNCTIONS (Other Duties May Be Assigned)
- Primary administrator to our data classification policies, data loss prevention, privilege access management, password management system, network/web application/API firewall administration, log management/SIEM, content filtering, file integrity monitoring, and secure e-mail systems
- Periodically review host/network/cloud firewall rules and review all configuration changes.
- Assists the Security Operations Team in performing security monitoring and gathering threat intelligence on our application, network, system, database, virtualization, and cloud security.
- Conducts periodic compliance scans and reviews to ensure we comply with regulatory guidelines and security best practices
- Assists the Director of Security Operations with investigating potential security incidents, including containment and evidence gathering.
- Keeps current with emerging security issues, trends, and tools.
- Assists the Director of Security Operations with various information security self-assessments, audits, and regulatory examinations.
- Supervisory Responsibilities: This position does not include supervisory responsibilities
QUALIFICATIONS:
Education and/or Experience
- Bachelor's degree or higher from an accredited college or university in a technical field (Computer Science, Management Information Systems, Engineering) and/or equivalent experience.
- Security certifications required (e.g., CISSP, CISA, CISM, CEH, Security+)
- Minimum five+ years of hands-on experience in IT and or Security Engineering in a regulated environment (FDIC, NACHA, and PCI)
- Working knowledge of CI/CD pipeline, container orchestration and security, application security, and DevOps processes
- Strong IaaS, PaaS, and networking background desired
Abilities:
- Strong analytical, critical thinking, and problem-solving abilities
- Ability to set priorities, meet deadlines, and multi-task with minimal supervision
- Ability to respond to escalated supported cases with a sense of urgency
- Ability to quickly learn technologies using documentation and internet resources
- Ability to effectively communicate with employees, executives, and vendors in a wide range of situations
- Great interpersonal and communication skills
- Excellent analytical, decision-making, problem-solving, and conceptual skills