The Senior Information Security Engineer is a technical lead responsible for securing the environment using new and existing technology to monitor, assess, and mitigate internal and external risks to the company’s network infrastructure and business applications. This role act as a security subject matter expert, leading and mentoring other security engineers. Our network and applications handle millions of transactions annually in our 900+ stores nationwide, as well as a significant ecommerce business. We are looking for a highly motivated, hands-on information security professional to join our Security Team.
Major Responsibilities
- Develop and implement information security plans and policies.
- Act as security subject matter expert to proactively audit technical environments and identify areas that do not follow best practices, pose potential security risks, and suggest recommendations for remediation.
- Monitor networks/systems using event detection tools and lead incident response investigations through proactive action, delivering clear communication, and planning an effective resolution.
- Perform routine network and application-level vulnerability scans as required by the organization.
- Design, configure, and implement vendor supported and open-source tools to assist in detection, prevention, and analysis of security threats.
- Apply business knowledge and technical experience to execute various tasks and consult/recommend improvements to information security operations.
- Apply analytical, problem solving, and decision-making skills with a service focused attitude to improve the organization’s overall security posture.
- Provide hands-on support for a wide range of security technologies including, but not limited to SIEM, IDS/IPS, HIDS, malware analysis and protection, content filtering, logical access controls, identity and access management, data loss prevention, firewalls, and content filtering technologies.
- Lead the planning, implementation, and ongoing management of data security related tools and projects, collaborating with operations and data intelligence teams as necessary.
- Serve as a hands-on technical expert working directly with development and delivery teams to provide guidance and ensure solutions adhere to security policy and best practices.
- Lead the security support for applications, infrastructure, operations, and security teams as needed.
- Partner and consult with business management and security team to enforce security and IT policies.
- Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancements.
- Present and communicate security assessment results and provide recommendations to Information Systems and Business leaders as needed.
Key Competencies
- Analytical
- Troubleshooting
- Technical
- Project Management
- Focused
- Detail Oriented
- Communication, verbal and written
- Problem Solving
- Time Management
- Teamwork (place priority on the successful completion of team and company goals)
- Quick thinking/learning
- Organized
- Initiative
- Highly motivated and work effectively under minimal supervision
- Prioritization of multiple, competing deadlines
- Responsibility and accountability
Interactions
Direct Report Title
- N/A
Other Internal/External Interactions
- Management and Security Team
- Vendors
Minimum Qualifications
- Bachelor’s degree in computer science, Information Systems (or related field of study), or equivalent work experience within Information Security or a related Information Technology discipline.
- 5+ years in Information Security role(s) required, 7-10 years preferred.
- Experience assessing internal and external threats to the organizations security posture and recommending improvements to procedures and/or technologies to mitigate risks, required.
- Experience managing Security Awareness activities using SaaS applications to run phishing campaigns and schedule security training, required.
- Experience working with Third Party Risk Management Software and Solutions required.
- Experience running investigation searches using a SIEM and configuring new log monitoring rules as required by the needs of the organization, required.
- Experience analyzing the result output from infrastructure and web application vulnerability scans and consulting system owners on remediation, required.
- Possesses one technical certification (CCNP, MCSP) required.
- Possesses one or more professional security certificate (CompTIA Security Plus, CISSP, CISM, CEH, SANs) required.
- Experience designing, documenting, and revising of information security policies and common cyber security controls and architectures, required.
- Experience auditing and assessing security configurations for Windows and Linux operating systems including Active Directory, required.
- Experience assessing and applying security configurations to Office365, required.
- Experience assessing and securing network controls (i.e., firewalls and network appliances), required.
- Experience utilizing Intrusion Prevention Systems and web security services/appliances, required.
- Experience implementing, configuring, and managing Endpoint Detection and Response applications, required.
- Experience working with intelligent edge platforms that provide a secure web application firewall (WAF) for front-end applications including mobile, required.
- Experience assessing and implementing security controls for web and mobile applications including methodologies and approaches to dynamic and static application secure code testing, required.
- Experience conducting internal and external vulnerability management testing and managing pen testing engagements using third-party vendors, required.
- Experience applying IT Control frameworks, security standards and regulations (ISO27001, ITIL, NIST, PCI DSS), required. PCI-DSS experience preferred.
- Must be highly proficient with Visio, Project, Word, Excel, PowerPoint, and Outlook.
- Experience implementing third-party applications and complex solutions.
Technical Experience & Other Skills
- Experience supporting, configuring, and managing, vulnerability scanning platforms from a DSS approved scanning vendor (ASV), required; preferably using Nessus or Tennable.io.
- Experience administering and using a SIEM to monitor centralized security logs, required; preferably using Elastic Search products.
- Experience supporting and configuring Endpoint Detection and Response (EDR) systems including performing searches and investigations, required; preferably CrowdStrike Falcon.
- Experience supporting and configuring Data Loss Prevention (DLP) Endpoint protection systems including deploying policies and running reports, required; preferably ForcePoint DLP.
- Experience using Azure Activity Directory and Office 365 Security and Compliance applications, required.
- Experience using IAM tools to manage and perform ongoing assessments through automation, required; preferably using ManageEngine products.
- Experience using SaaS platforms for Security Awareness program, required; preferably Knowbe4.
- Experience utilizing technologies used for routing, switching, and subnetting, required; preferably using Fortinet products. Experience with F5 or Netscaler is a plus.
- Experience working with Web Application Firewalls, required; preferably Akamai.
- Experience working with Microsoft Active Directory and Group Policy security best practices to improve security, required; preferably using CIS benchmark standards.
- Experience configuring local security on Windows 10, Windows Server 2012/2016/2019, Red Hat Linux operating systems and MS SQL databases, required. Additional knowledge with IBMi AS/400 Security, Nutanix, DB2 and/or Netezza DB is a plus.
- Experience applying common network protocols and ports: UDP/TCP, DNS, SSL, TLS, HTTP/HTTPS, FTP, SSH, etc.
Physical Demands
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the major responsibilities.
While performing the duties of this job, the employee is regularly required to sit, stand or walk; use hands to finger, handle, or feel; reach with hands and arms; stoop or bend; and talk or hear. The employee must occasionally lift and/or move up to 50 lbs.
Position Type/Expected Hours of Work
This is a full-time position. Days and hours of work are Monday through Friday, 8:00 a.m. to 5 p.m. This position might require long hours and weekend work.
Work Environment
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The noise level in some work environments can be moderate.
Disclaimer
The above information on this description has been designed to indicate the general nature and level of work performed by employees within this classification. It is not designed to contain or be interpreted, as a comprehensive inventory of all duties, responsibilities, qualifications required of employees assigned to this job.
EEO Statement
Populus Financial Group provides Equal Employment Opportunity (EEO) to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.