POSITION SUMMARY

Job Function: Sr. Security Engineer designs, plans, installs, and supports all systems (including network, server, communication, workstation, etc.) with an emphasis on Security Engineering to maintain the company's overall security posture and to defend against cyber-attacks.

Involved in a wide range of issues including secure architectures, secure electronic data traffic, secure network solutions, and the like.

Performs as a team member on the IT while working in tandem with Risk Management and Compliance and Security Operations teams in a day-to-day operation of critical network and platform security infrastructure.

Works with the Risk/Security team to ensure correct function of network security monitoring tools, assist with remediation of vulnerability scans, engage with risk assessments, and provide findings/responses to audit inquires.

Monitors anomalous security activity, reports, and supports resolution; while performing follow-up tasks, documentation, and feedback.

Assists in implementing security tools, procedures, and measures for the overall infrastructure and network environments.

This individual recognizes and identifies potential threats to the network and systems connected to the network from the Internet and Intranet.

Must understand the site and enterprise well enough to work through network-related issues with other segments at the facility and across the enterprise.

This position reports to the Director, IT Systems Engineering.

PRIMARY RESPONSIBILITIES

Responsible for company computing, storage, networks, communications, and data with focus on cyber security.

Ensure company compliance with emphasis on NIST CSF and focus on CIS benchmarks.

Develop high-level plans, security policies and procedures to ensure alliance with the business and IT objectives.

Design and implement access controls to protect systems and sensitive data from unauthorized access.

Stays current with emerging threats and recommends new technologies and mitigations to prevent attacks.

Engage and work with various security vendors for services, software, solutions, etc. that are provided by those vendors to augment IT's security environment or for new IT Security services and products.

Responsible for overseeing Nessus vulnerability mitigations, establishing key metrics for reporting, baseline hardening, and continuous development of security posture.Remediate detected vulnerabilities to maintain a high-security standard operating within corporate's risk appetite.

Responsible for engagement with penetration testing, including remediation of pentest findings.

Work with vSOC on alerts, issues, and the like for timely resolution and remediation.

Manage the overall patch management process (i.e. patching of server and workstations, patching for all hardware devices, appliances, applications, etc.).

Take ownership of and address IT assigned tickets regarding security related items/issues for timely resolution.

Monitor network infrastructure/systems for security threats, establish procedures for identifying and isolating threats, reducing threats/attack surface.

Serve as an internal resource for investigating security breaches and assessing their damage, gathering root cause, preparing breach notification communication, and establishing chain of custody for forensics.

Establishing, monitoring, and enforcing the security programs of all informational platforms, software selection, including both physical and electronic.

Help colleagues install security software and understand information security management practices.

Performs other job-related duties and responsibilities as assigned

QUALIFICATIONS

Excellent time management skills to meet deadlines effectively and efficiently.

Ability to plan, prioritize, and manage multiple projects related to IT security.

Action oriented, willing to work in ambiguity and step outside the bo to accomplish goals.

Customer focused; work with your internal customers in mind and dedicated to meeting their expectations.

Outstanding people skills with the ability to work with all levels of employees.

Excellent communication skills, both verbal and written.

Strong problem-solving skills.

PREFERRED EDUCATION AND EXPERIENCE

Bachelor's degree in computer technology or related area or equivalent years of directly related experience.

SKILLS, KNOWLEDGE, ABILITIES

Experience with compliance, NIST framework, CIS benchmark and ITIL standards.

Experience with the following solutions (or equivalent solutions): PAM, EDR/XDR, Okta MFA, Nessus, Checkpoint Avanan email security, MS Sentinel, Service Desk Patch, MDM solutions, Carbon Black, Defender, etc.

Experience with VMware (server virtualization and VDI, Windows Server, Bitlocker, MS365, MS DLP, Windows 10/11,

Familiarity with Palo Alto firewalls, Juniper switches and wireless, network protocols, etc.

For more information, or to apply now, you must go to the website below. Please DO NOT email your resume to us as we only accept applications through our website.

https://volcorp.pshire.com/jobs/969-1995.html