Information Security Engineer
The Security Engineer is a team player who defines, reviews, and enforces information security policies, standards and guidelines to deliver security solutions for all ongoing business activities. The goals are to provide appropriate access to, and protect the confidentiality, integrity and availability of, customer, employee and business information and data in compliance with organization policies and standards. The individual needs to embrace a spirit of teamwork to help the information security team excel in its organizational objectives.
Relocation package is an option.
The Security Engineer role reports to the Information Security Manager.
Primary Duties and Responsibilities
The primary duties and responsibilities of the Security Engineer follow:
· Provide an interface between the business and IT for technical security projects.
· Create security strategies to improve controls and architecture for critical security infrastructure including endpoints, mobile devices, authentication and authorization, logging, and detection.
· Maintain the security information and event management (SIEM) solutions.
· Provide subject matter expertise on system, application, and network security.
· Execute vulnerability scanning, penetration testing, and patch management activities, serving as primary contact for scanning-related issues and managing relationships with partners.
· Assess, configure and deploy an endpoint security solution to enable early detection of threats and malicious activities.
· Participate in the security incident response plan, support detection and classification, and define containment, remediation and recovery strategies with the team.
· Ensure security requirements are identified and developed early in the project lifecycle.
· Monitor and verify that the network is appropriately protected from internal or external threats.
· Identify security risks, threats and vulnerabilities of networks, systems, applications and new technology initiatives.
· Assess risk arising from third-parties, vendors and partners in our ecosystem and design controls to mitigate such risks.
· Continuously improve internal security controls to protect systems and data from unauthorized access, modification, and destruction.
Experience / Education / Certifications
· Bachelor’s degree preferred in Computer Sciences, Information Technology, Information Security or other related field.
· Five (5) years of related work experience in technology, infrastructure, engineering, architecture and security.
· Practical knowledge of any combination of Payment Card Industry (PCI), GDPR, NIST standards, or ISO27000 series.
· At least one industry standard certification such as Security+, GSEC, GCIH, Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA) or other security vendor certification.
· Team player able to work effectively at all levels of an organization with the ability to influence others to move toward consensus.
· Excellent verbal and written communications skills.
· Ability to solve complex problems in a timely manner by working with multiple stakeholders.
· Understanding of and practical experience with internal/external certificate authorities, Microsoft Windows preventive and detective controls, Microsoft Active Directory design/architecture and security, data loss/leak prevention and multifactor authentication.
· Experience with network design, mobile security, network and firewall security technologies, and vulnerability management and scanning.
· Hands-on expertise operating in an AWS or Azure environment is a plus, including architecture and security capabilities in the cloud.
· Knowledge of web application security, browser security models, and application security vulnerabilities such as the OWASP Top Ten.
· Deep understanding of network attacks, DDoS, Phishing, email protocols/security/spam, encryption, authentication, logging and log analysis, IP and device reputation, and security rules and policies.
· High degree of skill and knowledge in managing and taking part in incident response, Intrusion Prevention Systems, Intrusion Detection Systems, SIEM, and endpoint security solutions.
Flexibility to travel as required, up to 15% overnight travel.