Cyber Security Engineer

The Role

At Fusion, we "Protect the Covenant of Trust" between our Software Users and our customers' key stakeholders. A key element of protecting that covenant of trust is ensuring our software and organization follow industry best practices to ensure the security and integrity of customer data. The Cyber Security Engineer will play a vital role in this critical objective.

The Cyber Security Engineer will report directly to the Cybersecurity Manager and will assist in maintaining and optimizing Infrastructure and Product security, documentation, and adherence to Fusion's policies and standards.

The specific responsibilities of this role are as follows:

• Conduct cybersecurity assessments on managed systems and technologies, ensuring compliance to Cybersecurity Standards.
• Design, implement, and maintain security controls within Azure environments.
• Collaborate with cloud architects to ensure secure Azure architecture and configuration.
• Monitor and ensure compliance with industry standards (e.g., NIST, CIS), regulatory requirements, and internal security policies.
• Engineering, implementing and monitoring security measures for the protection of computer systems, networks and information
• Monitor Security logs, SIEM, IDS/IPS, endpoints, etc. for security alerts, identify vulnerabilities and configuration issues and resolve or escalate accordingly.
• Participates in Incident Response and Investigation process.
• Maintain documentation of security configurations, policies, and procedures.
• Generate reports and provide updates to management on security status.
• Participate in discussions with prospects and customer IT Security Teams during the Sales and Vendor Due Diligence processes, explaining the security posture of the Fusion Framework System, as well as the security posture of Fusion Risk Management as an organization
• Perform security due diligence on Fusion's 3rd Party Vendors, ensuring they comply with Fusion's security standards
• Respond to information security issues during each stage of a project's lifecycle
• Assist in yearly 3rd Party Audits of Fusion including but not limited to Fusion's SOC 2, Salesforce.com Security Review of Fusion Assets, Fusion Framework Penetration Testing, and more as needed

Someone who is an Azure Administrator and is interested in a Cyber Security role would be great for this position as well.

Knowledge, Skills, and Abilities

• Strong understanding of Azure cloud services, including Azure Security Center.
• Awareness of current security threats and have an understanding of security standards, practices, procedures, and tools
• Understanding of Agile development concepts and methodologies
• Knowledge of:
• Public cloud platforms (e.g. Microsoft, Salesforce, AWS, Azure)
• Understanding of Agile development concepts and methodologies
• Identity and access management principles
• Application security and encryption technologies
• Secure network architectures
• IDS/IPS, penetration and vulnerability testing
• Firewall and intrusion detection/prevention protocols
• Network and web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.)
• Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware and enhanced authentication

Qualifications (Education and Experience)

• Bachelor's degree or 3+ Year Experience in a Windows environment 
• 3+ years of experience as an Information Security Engineer, preferably with a focus on Azure architecture
• Industry Cybersecurity certifications (SANS, ISACA, ISC2, Offensive Security, etc.) are highly preferred.
• Prior experience as a cybersecurity practitioner (e.g. – experience in a cybersecurity domain such as network security, access control, cloud security, etc.)
• Experience working with cybersecurity frameworks (NIST, ISO, etc.)
• Experience conducting info sec risk assessments or technology audits
• Prior experience as a cybersecurity practitioner (e.g. – experience in a cybersecurity domain such as network security, access control, cloud security, etc.)
• Experience with infrastructure software/hardware

Milestones for the First Six Months

In one month, you will:

• Complete training on Fusion platform and other learning tools training.
• Initiate relationship-building with key internal partners
• Gain a thorough understanding of the existing security infrastructure, policies, and protocols in place.
• Begin reviewing existing security processes and suggest initial improvements where necessary.

In three months, you will:

• Perform initial security assessments or audits on critical systems and applications, identifying vulnerabilities and recommending remediation steps.
• Attend internal meetings with business partners to provide feedback and insight.
• Start maintaining detailed documentation of security processes, findings, and recommendations. Prepare regular security reports for management and stakeholders

In six months, you will:

• Independently work on a range of assigned range of task
• Continually evaluate and improve the security posture of the organization, proactively identifying emerging threats and recommending appropriate countermeasures.
• Play a key role in incident response and recovery efforts, demonstrating the ability to handle security incidents effectively.

Disclaimers

This position may be performed remotely anywhere within the United States except for the states of New York, California, and Colorado.

Fusion is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, age, pregnancy, military service or discharge status, genetic information, sex, sexual orientation, gender identity, or national origin. Nothing in this job posting should be construed as an offer or guarantee of employment.