JOB OVERVIEW
The Security Engineer helps to evaluate and remediate information security threats and risks. Performs threat hunting and incident response activities. Configures and administers all information security tools within the organization while working closely with other information technology teams to develop a secure infrastructure. The Security Engineer will ensure the secure deployment of cloud technologies. This role will work closely with Networking, Server and Virtualization, Software Development, and End User Support engineers to help ensure a security-first mindset within all areas of the Information Technology organization.
RESPONSIBILITIES & DUTIES
- Implements and supports security tooling architecture for cloud and on-premises environments including but not limited to: SIEM, vulnerability management, dynamic and static code analysis tools, endpoint protection, WAF, next-generation firewall technologies, DLP, IDS/IPS, and email protection.
- Designs and develops security architectures for cloud/hybrid-based systems in Azure and AWS cloud computing environments
- Designs and develops secure deployments of Microsoft Office365 collaboration tools including SharePoint, OneDrive and Teams.
- Works closely with information technology team members in identifying, troubleshooting and remediating security risks in the information technology environment
- Conducts forensic analysis for investigations related to cases associated with potentially malicious activities
- Performs regular internal and external IT security assessments and network penetration testing, reporting, and issue resolution
- Maintains current knowledge of security threats, emerging information security technology, and industry best practices and trends
- Analyzes and monitors network traffic to provide early detection and prevention regarding risks, threats and vulnerabilities
- Responds to and coordinates security incident identification and remediation
- Makes recommendations and assists in implementing changes to work processes and procedures to strengthen and improve Company security measures
- Investigates and documents issues/incidents involving the Company’s secure infrastructure
- Works with developers and infrastructure engineers during the design phase to ensure security best practices are implemented
- Engages in regular user awareness security training
- Develops and deploys custom deception technologies
- Assists with researching, implementing, and maintaining network security infrastructure including intrusion prevention systems, firewalls, DNS, internet protection, and endpoint security
- Provides knowledge sharing of information security practices and methodologies to the team
- Functions as a backup resource to the Network Engineer
- Follows internal procedures which include change management and incident management, as well as problem escalation
- Provides after-hour and weekend support for critical infrastructure as needed
- Performs other duties as assigned.
QUALIFICATIONS
- Bachelor’s Degree in relevant field or 10 years relevant technical experience with at least five (5) of those years in security roles
PROFESSIONAL CERTIFICATIONS
- Security+, CISSP, CEH, GSEC, GCIA, or OSCP certification preferred
TECHNICAL SKILLS
To be successful in this role, you should have experience with and an understanding of the following:
- Expert knowledge in: Active Directory, Virtualization, Office365 deployments, cloud infrastructure (such as Azure and AWS), and Windows and Linux systems
- Experience with next-generation firewall technologies including IDS/IPS, application detection, SSL decryption, and binary sandboxing
- Experience with deployment, maintenance and monitoring of SIEM technologies
- Experience in building secure system baselines for Windows and Linux systems
- Experience performing incident response activities such as log review, traffic monitoring, system baselining, and malware detection
- Experience with MFA technologies
- Experience with running a vulnerability management program
- Experience with routing and switching troubleshooting
- Experience securing both traditional enterprise systems and internet facing applications
- Experience with automation and scripting using languages such as PowerShell and Python
CULTURAL COMPETENCIES
In addition to our core company competencies of Cultivates Innovation, Nimble Learning, Action Oriented, Collaborates, and Being Resilient, a successful candidate in this role should exhibit the following behavioral competencies:
- Strategic Mindset
- Collaborates
- Resourcefulness
- Instills Trust
PHYSICAL DEMANDS/WORK ENVIRONMENT
This job operates in a professional office environment and routinely uses standard office equipment. While performing the duties of this job, the associate is regularly required to speak and hear. The associate is frequently required to sit for extended periods of time, as well as stand, walk, use hands and fingers, and reach with hands and arms. This job requires the ability to lift files, open filing cabinets, and bend or stand on a stool as necessary.
DISCLAIMER/ASSOCIATE ACKNOWLEDGEMENT
The above statements describe the general nature and level of work only. They are not an exhaustive list of all required responsibilities, duties, and skills. Other duties may be added, or this description amended at any time.
Equity Trust Company is an equal opportunity, at-will employer and does not discriminate against any employee or applicant for employment because of age, race, religion, color, disability, sex, sexual orientation, or national origin. If you have a disability that requires accommodation or paper application, please contact us at careers@trustetc.com.