
Sr. Info Security Engineer

Company:
AutoNation Headquarters
Location:
Fort Lauderdale, FL
Posted:
April 16, 2024

Description:

Overview:

Position Summary:

The Information Cloud/Application Security Engineer’s primary responsibilities include identifying and validating application and cloud vulnerabilities and system misconfigurations, working with owners to remediate them, and validating that remediation was successfully completed. In addition, the role recommends and oversees cloud and application security best practices and develops proactive and detective controls for cloud, application, data, and API security. This role will be part of the security operations team, supporting security tools and technologies used to investigate and respond to security alerts. In addition, this role will manage, assign, and track to closure Security Operations Center (SOC) tickets and investigations. This work requires the engineer to be extremely detailed in their work and thorough in how the work is documented, tracked, and closed.

Organizational Relationships:

The incumbent works with the Information Technology team and the business to support secure information process and technology.

Primary Job Responsibilities:

Managing and supporting application/code scanning tools and process.

Knowledge in application security vulnerability identification, validation and remediation tracking.

Identifying and validating application vulnerabilities.

Working with application development teams to validate and remediate application and API vulnerabilities.

In addition, working with business and development teams and monitoring cloud resources to ensure security requirements and standards are met.

Acting as Cloud Security incident response handler, recommending security best practices, and implementing and overseeing security compliance.

Responding to Cloud Security events, managing web application firewall rules, creating rules and policies to address immediate security threats, and developing and implementing rules based on current and anticipated security threats.

Monitoring and managing cloud security resource utilization.

Managing and supporting cloud security tools both preventive and detective.

Developing and recommending cloud security standards.

Additional Responsibilities:

Supporting security operations activities responding to general security alerts, participating in on call schedule, and supporting security tools.

Analyzing logs, identifying, recommending, and improving current logging requirements.

Assisting in evaluating, planning, configuration, and implementation of new/existing security applications/tools.

Configuring, implementing, monitoring, and supporting security software/systems that will help ensure compliance with regulatory, industry, and corporate policies and procedures. This includes but is not limited to Intrusion Detection System/Intrusion Prevention System (IDS/IPS) (Host/Network/Wireless), secure file transfer, Data Loss Prevention (DLP), full disk encryption, firewall rule assessments, log management/correlation, secure password storage/retrieval, application whitelisting, vulnerability management, threat hunting, etc.

Utilizing Endpoint Detection and Response (EDR) and Anti-Virus solutions deployed within the environment.

Identifying security threats and providing recommendations and remediation steps.

Demonstrating behaviors consistent with the Company’s Vision, Mission, and Values in all interactions with customers, co-workers, and suppliers.

Adhering to all company policies, procedures, and safety standards.

Experience

3-5 years' relevant cloud security experience in Information Security in medium to large organizations.

2-3 years' experience working with application development and cloud environments a plus.

Application development, API knowledge, code review required.

Experience working with OWASP vulnerabilities.

Experience with Azure/AWS Cloud Security and related tools like application WAF, cloud alert aggregation, Azure Security Center, et al.

Application WAF configuration and management a plus.

Experience working with Security Information and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) a plus.

Creating and maintaining data security documentation, policies, and procedures.

Experience working in a Security Operations Center (SOC) / alerts handler preferred.

Additional Qualifications:

BS degree required in Computer Science, Information Technology, or related field of study, or any equivalent combination of relevant background, skills and experience.

One or more security certifications such as CFCE, CCE, CSFA, CISSP, CISA, SANS GIAC, or relevant security certification(s) preferred. Additional technology certifications such as MCSE, CCNA/CCNP, PMP, etc. a plus.

Hands-on experience with two or more of the following: data loss prevention technologies, incident response and remediation, network security services, ethical hacking and vulnerability scanning, firewall, application code scanning and intrusion detection technologies.

Strong analytical, prioritizing, interpersonal, problem-solving, presentation, project management (from conception to completion), and planning skills.

Strong verbal and written communication skills.

Strong negotiation/mediation skills.

Demonstrated collaborative skills and ability to work well within a team.

Ability to work in a fast-paced and deadline-oriented environment.

Self-motivated with critical attention to detail, deadlines and reporting.

High degree of proficiency in MS Office Suite, Outlook, and Internet applications.

Next Possible Position:

Lead/Manager, Security Operations

Physical Requirements:

Extended working hours may be required as dictated by management and business needs.

Ability to travel (25%) to multiple facilities as business needs dictate.

May be required to lift, push, or pull materials weighing up to twenty (20) pounds.

May be required to sit and review information on a computer screen for long periods of time.

May require repetitive motions of the hands and wrist related to writing and typing at an electronic keyboard.

The intent of this job description is to provide a representative summary of the major duties and responsibilities performed by incumbents of this job. Incumbents may be requested to perform job related tasks other than those specifically presented.

Permanent
