Senior Information Security Engineer

Republic Services is a leader in Environmental Services, partnering with customers to create a more sustainable world.

We are Sustainability in Action - our promise to be environmentally responsible and to help our customers be environmentally responsible too.

Why choose Republic?

Joining Republic isn't just about taking on a new job, it's about making a commitment to create a more sustainable world together. Our people provide an essential service, serving and impacting customers, neighborhoods, and communities everywhere.

As a company, we are proud of our values and encourage those who share in our aspirations to join our team:

• We protect our colleagues and communities through safe practices everywhere, every day.
• We are committed to serving our customers and communities by going above and beyond to exceed expectations.
• We take action to improve neighborhoods and communities by being environmentally responsible and creating a more sustainable world.
• We are driven to deliver results in the right way.
• We encourage a human centered culture that honors the unique potential and dignity of every person.

The Senior Information Security Engineer is responsible for designing and implementing enterprise security solutions. The Senior Information Security Engineer works closely with other departments, IT teams, and vendors to evaluate and select enterprise security solutions, which advance Republic Services' security posture.

This role will specifically target the areas of Vulnerability Management (VM), Secure Software Development Lifecycle (SDLC) Management and oversee the operations and metrics collection process of VM and Secure SDLC. They will also manage the VM and SDLC toolset.

POSITION SUMMARY: The Senior Information Security Engineer is responsible for designing and implementing enterprise security solutions. The Senior Information Security Engineer works closely with other departments, IT teams, and vendors to evaluate and select enterprise security solutions, which advance Republic Services' security posture.

This role will specifically target the areas of Vulnerability Management (VM), Secure Software Development Lifecycle (SDLC) Management and oversee the operations and metrics collection process of VM and Secure SDLC. They will also manage the VM and SDLC toolset.

PRINCIPLE RESPONSIBILITIES:

• Designs and implements enterprise security solutions

• Leads administration and maintenance for enterprise security infrastructure

• Identifies, evaluates, and recommends information security technologies that improve our security posture

• Functions as the Technical Lead / SME for enterprise security

• Develops project plans and assists in the implementation of critical security infrastructure

• Builds, maintains, and manages strong relationships across cross functional teams to resolve problems and deliver information security services

• Performs Level 3 / Level 4 incident response/support to triage security events/incidents, identify root cause, determine next steps, and drive incident resolution

• Collaborates with IT teams to define and establish secure configuration standards for infrastructure

• Drafts configuration manuals, operating procedures, reports, and system hardening guidelines

• Mentors, cross-trains and develops other team members on new security tools and technologies

• Performs other job-related duties as assigned.

QUALIFICATIONS:

• Bachelor's Degree in Information Security, Information Systems, Computer Science or related field or equivalent work experience.

• Information Security certifications such as Global Information Assurance Certification - Security Essentials (GSEC), Systems Security Certified Practitioner (SSCP), Certified Information Systems Security Professional (CISSP), Cisco Certified Network Associate (CCNA) Security, Cisco Certified Network Professional (CCNP) Security, Cisco Cyber Security Specialist, SourceFire Certified Professional, SourceFire Certified Security Engineer or Certified Secure Software Lifecyle Professional (CSSLP)

MINIMUM QUALIFICATIONS:

• Minimum of 3 years of experience in an information security role with progressive experience in designing and implementing enterprise security solutions

• Experience implementing and operating at least four of the following: DNS based protections, email filtering and security, web proxies, malware analysis, threat hunting, endpoint detection and response, vulnerability scanning, or log review/investigation.

• Experience administrating application security tools in a DevOps space

• Experience integrating security into SDLC, including Static Analysis, Dependency Scanning and Dynamic Testing

Rewarding Compensation and Benefits

Eligible employees can elect to participate in:• Comprehensive medical benefits coverage, dental plans and vision coverage.• Health care and dependent care spending accounts. • Short- and long-term disability.• Life insurance and accidental death & dismemberment insurance.• Employee and Family Assistance Program (EAP).• Employee discount programs.• 401(k) plan with a generous company match.• Employee Stock Purchase Plan (ESPP).

The statements used herein are intended to describe the general nature and level of the work being performed by an employee in this position, and are not intended to be construed as an exhaustive list of responsibilities, duties and skills required by an incumbent so classified. Furthermore, they do not establish a contract for employment and are subject to change at the discretion of the Company.

Republic Services is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity or expression, national origin, age, disability, protected veteran status, relationship or association with a protected veteran (spouses or other family members), genetic information, or any other characteristic protected by applicable law.