JOB SUMMARY
As a Security Engineer, you will play a pivotal role in protecting the organization’s digital infrastructure, systems, and sensitive data. Your core responsibility is to design, implement, and maintain robust security controls that safeguard against both internal and external threats. You will work closely with IT and development teams to integrate security best practices into every layer of technology, ensuring that risk mitigation and compliance remain at the forefront of all operations. Your deep technical knowledge will be essential in monitoring vulnerabilities, responding to incidents, and continuously enhancing the security posture of the organization. By proactively identifying and addressing emerging security risks, you will ensure the ongoing resilience and integrity of critical assets.
MAJOR DUTIES AND RESPONSIBILITIES
- Design and implement comprehensive security controls to protect organizational systems, networks, and sensitive data.
- Design, configure and support SIEM solutions (e.g., Splunk, CrowdStrike, Azure Sentinel) for log aggregation, event analysis, and real-time threat detection.
- Strengthen security across cloud environments by implementing identity management, encryption, and continuous monitoring.
- Collaborate with IT and development teams to integrate security best practices throughout all technology layers and operations.
- Provide expert security guidance during the design and review of technology systems and applications to ensure security best practices are embedded from the outset.
- Conduct regular vulnerability assessments and coordinate remediation efforts to maintain a strong security posture.
- Identify and mitigate emerging threats and attack vectors (e.g., XSS, SQL injection, session hijacking, social engineering) through risk assessments and implementation of countermeasures.
- Lead incident response initiatives, investigate and resolve security events, and enhance incident preparedness.
- Develop, update, and enforce standard operating procedures (SOPs) and security policy documents to ensure compliance with industry standards.
- Coordinate and conduct information system and third-party risk assessments in accordance with NIST-based frameworks.
- Perform other duties as assigned.
EDUCATION/TECHNICAL REQUIREMENTS
Bachelor’s degree in computer science, engineering, Cybersecurity, or related field.
EXPERIENCE
- 5-7 years of experience in securing cloud and on-premises infrastructure.
- Hands-on experience with DevOps practices and security integration into CI/CD pipelines.
- Expertise in conducting HIPAA, SOC2, and SOX assessments/audits.
- Advanced experience with security tools such as next-gen firewalls, WAFs, endpoint security, encryption, email filtering, and data loss prevention solutions.
- Strong engineering skills with Windows Server environments, DNS, DHCP, Active Directory, and network switching.
- Experience in configuring and managing SIEM platforms like Splunk, CrowdStrike or Azure Sentinel.
- Demonstrated experience implementing Risk Management Frameworks (e.g., NIST RMF or equivalent
CERTIFICATES, LICENSES, REGISTRATIONS
CISSP is highly preferred
#LI-REMOTE