Information Security Engineer

About The Position

Requirements

• At least 2 years of experience in cybersecurity, focused on providing daily support and administration, as well as tuning and optimizing cybersecurity tools and applications
• Experience with SIEM tools
• Experience with vulnerability management and remediation for infrastructure and applications
• Experience with incident handling and security operations
• Knowledge of operating systems, network architecture and protocols, and secure system design
• Proficiency in scripting languages (e.g. Python, PowerShell)
• Continuous learner with a passion for improving security architecture
• Fundamental understanding of information security control frameworks (e.g., CIS Critical Security Controls, ISO 27001, NIST SP800-453, COBIT, ITIL, OWASP, etc.)
• Fundamental understanding of the following information security capabilities: Endpoint protection Endpoint detection and response SIEM technologies Firewalls, intrusion detection, and intrusion prevention systems Secure internet gateways and secure email gateways Vulnerability and web application security scanning Web application firewalls Single sign on and multi-factor authentication Honeypots and deception tools Encryption MITRE ATT&CK Framework Incident response
• Demonstrated ability to lead complex projects, manage timelines, and deliver results in a fast-paced environment
• Strong analytical and problem-solving abilities
• Strong communication and documentation skills
• Demonstrates focused team orientation and effectiveness in collaborative work environments

Nice To Haves

• University degree in MIS, Computer Science, IT, Cybersecurity, or related fields
• Security+, Associate of ISC2, Cybersecurity Practitioner (CSX-P), CISSP, or other relevant security related designations
• Familiarity with regulatory compliance frameworks
• Threat intelligence and understanding of the threat landscape

Responsibilities

• Accountable for the implementation, daily management, and administration of cybersecurity tools, infrastructure, and capabilities, as well as the continuous tuning and optimization of these resources
• Conduct internal and external vulnerability assessments and web application security scans; collaborate with IT teams to recommend remediations, obtain remediation plans and dates, and track these plans through to closure
• Analyze and resolve security challenges by adapting standard processes and exploring alternative approaches to address complex threats
• Use scripting, automation, and artificial intelligence resources to scale security operations, integrate tools, reduce human error, and boost efficiency
• Partner with cybersecurity peers, IT staff, and other relevant stakeholders throughout incident response process
• Partner with peers and internal teams (both technical and non-technical) to drive security initiatives, contribute to cross-functional projects, gather and incorporate feedback, and drive continuous improvements in security processes
• Document and maintain comprehensive operational procedures and security baselines for all supported cybersecurity tools, infrastructure, and capabilities
• Advise project teams on security requirements and ensure standards are integrated during the requirements phase
• Assist with developing company security policies, standards, baselines, and procedures as needed
• Carry out additional responsibilities as assigned

Benefits

• Medical, vision & dental benefits upon hire
• 401K with company match
• Paid Time Off & Company Holidays
• Wellness Program
• Tuition reimbursement
• Employee pork purchase program