Security Engineer

Essential Responsibilities

• Vulnerability Assessment and Remediation: Conduct regular security assessments and penetration testing to identify and address vulnerabilities in our systems and applications.
• Incident Response: Develop and maintain incident response plans, and participate in incident response activities, including investigations and root cause analysis.
• Security Policy and Procedure Development: Collaborate with cross-functional teams to develop and maintain security policies, standards, and procedures.
• Security Monitoring: Implement and maintain security monitoring tools and systems to detect and respond to security threats in real-time.
• Firewall and Network Security: Configure and manage firewalls, IDS/IPS, and other network security devices to protect the organization's network infrastructure.
• Security Awareness and Training: Organize and provide security awareness and training programs for employees to enhance security consciousness.
• Compliance and Auditing: Ensure compliance with industry regulations and standards, and assist with security audits and assessments.

Required Experience/Skills & Attributes

• All candidates must be a US citizen. 
• Bachelor's degree in Computer Science, Information Security, or a related field.
• Proven experience as a Security Engineer or similar role in an enterprise environment.
• 4+ years of experience in technical roles involving cyber security.
• Strong knowledge of cybersecurity principles, best practices, and industry standards (e.g., ISO 27001, NIST).
• Proficiency in security tools, such as SIEM, intrusion detection systems, and vulnerability scanning.
• Experience with configuring and managing firewall and network security technologies.
• Strong scripting and automation skills for security tasks (e.g., Python, PowerShell).
• Excellent problem-solving and analytical skills.
• Strong communication and collaboration skills to work effectively with cross-functional teams.

Helpful Experience/Skills & Attributes

• Security certifications such as CISSP, CEH, or CISM.
• Working knowledge of OneTrust, Tenable, and BurpSuite.
• Knowledge of cloud security and experience with cloud platforms (e.g., AWS, Azure).
• Experience with DevSecOps and integrating security into the CI/CD pipeline.
• Familiarity with web application security testing (e.g., OWASP Top 10).

Personal Characteristics

• Strong attention to detail and a proactive approach to problem-solving.
• Ability to work effectively in a fast-paced and dynamic environment.
• A commitment to continuous learning and staying updated on the latest security trends and threats.
• Strong ethical and moral principles with a commitment to maintaining confidentiality.

Success Measures

• Reduced number of security incidents and vulnerabilities.
• Timely and effective incident response and resolution.
• Successful implementation and adherence to security policies and procedures.
• Positive feedback from internal teams on security awareness and training programs.
• Successful completion of security audits and compliance assessments.