Learn what makes QTS a unique place to grow your career! (https://vimeo.com/727409140/ff26de87d4)

The Information Security Engineer is responsible for monitoring and management of information security solutions. The engineer delivers these solutions in accordance with the organization’s architectural designs, best practices, and regulatory or compliance requirements. As risks change, the security engineer is responsible for recommending modifications and enhancements to ensure the organization is evolving with the threat landscape.

With an emphasis on securing systems, applications, third-party connections, service providers and ancillary systems, the Security Engineer is responsible for securing business-to-business initiatives, third-party relationships, outsourced solutions and vendors.

RESPONSIBILITIES, other duties may be assigned.

• Handle day-to-day , monitoring and operational support of security solution hardware, software, managed solutions, and service provider relationships.

• Actively participate in security team meetings that facilitate secure design, implementation and operation.

• Engage in information security projects that evaluate existing security infrastructure and propose changes as defined by security leadership and architects. Additionally, deliver projects on time, within budget and in accordance with service level agreements (SLAs).

• Assist with security incident response and system stability/availability issues as they occur. This may occasionally include involvement outside of regular work hours, and responsiveness is expected.

• Implement solutions observing compliance –Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), SOC 2, HITRUST, FISMA etc. – and privacy laws.

• Work in tandem with architects, the security analysts, risk/compliance analysts, incident responders (in cases of anomalous activity and host compromise), TechOps and development team members.

• Respond to and handle service and escalation tickets within SLA expectations.

• Participate regularly in change project and change management meetings.

• Research, validate and deploy solutions meeting security and business needs.

• Follow security engineering fundamentals and processes as defined in QTS documents and industry best practice documents.

• Influence the planning and execution of incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).

• Focus on driving security efficiencies, enabling security team members to work on more advanced tasks.

• Conduct performance testing to stress the limitations of security solutions while at the same time ensuring business innovation and day-to-day processes are not negatively impacted.

• Perform other duties as assigned.

BASIC QUALIFICATIONS

• At least 5 years’ experience in cybersecurity, compliance and risk management with a system and/or network security engineering background.

• Highly technical and analytical expertise, with a proven deep background in information technology design, implementation and delivery.

• Experience in securing on premise networks and systems.

• Experience in securing cloud computing technologies, including software, infrastructure and platform-as-a-service, as well as public, private, and hybrid environments.

• Knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, end point protection solutions including endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies, 802.1X/NAC, and application controls

• Skilled in vulnerability assessment and penetration testing requirements.

• Excellence in communicating business risk from cybersecurity issues.

• Experience managing or using SIEM systems, threat intelligence platforms, security automation and orchestration solutions, IDS/IPS, file integrity monitoring (FIM), data loss prevention (DLP) and other network and system monitoring tools.

• Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.

PREFERRED QUALIFICATIONS

• Proficient with scripting in Python, JavaScript, PowerShell, PHP or Ruby.

• DevOps background with experience in compliance obligations.

• Holds or working toward one or more of the following certifications: SANS GIAC, CCSP, CISSP, Cisco CCIE, AWS Certified Cloud

• Practitioner or additional AWS advanced certifications such as AWS Certified DevOps Engineer, VMware Certified Professional, Microsoft Azure Security Engineer Certification, Microsoft Identity and Access Administrator.

KNOWLEDGE, SKILLS AND ABILITIES

• Experience working collaboratively in a team environment

• Excellent interpersonal skills with the ability to interface with all levels of the organization

• Ability to think strategically and tactically, with effective decision-making skills

• Experience with CyberArk Privileged Access Manager, Cisco ISE, Cisco Secure Network Analytics (Stealth watch) or Palo Alto Networks Threat Prevention.

• Experience with firewall policy creation, maintenance and analysis.

• Experience with security automation solutions (SOAR), especially for firewall policies.

• Experience with Amazon Web Services (AWS) or Microsoft Azure.

• Experience with one or more of the following: ISO 27001, NIST, PCI Data Security Standard (PCI DSS), HIPAA, Health Information Technology for Economic and Clinical Health (HITECH) Act, SOX, the General Data Protection Regulation (GDPR), Center for Internet Security (CIS) standards or Service Organization Controls (SOC) 2.

• Working knowledge of Windows, Linux, Unix, and network device operating systems (IOS, NX-OS, ASA, PANOS, F5, Citrix.

TOTAL REWARDS

• This role is also eligible for a competitive benefits package that includes: medical, dental, vision, life, and disability insurance; 401(k) retirement plan; flexible spending and HSA accounts; paid holidays; paid time off; paid volunteer days; employee assistance program; tuition assistance; parental leave; military leave assistance; QTS scholarship for dependents; wellness program, and other company benefits.

• This position is bonus eligible.

We conform to all the laws, statutes, and regulations concerning equal employment opportunities and affirmative action. We strongly encourage women, minorities, individuals with disabilities and veterans to apply to all of our job openings. We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, or national origin, age, disability status, Genetic Information & Testing, Family & Medical Leave, protected veteran status, or any other characteristic protected by law. We prohibit retaliation against individuals who bring forth any complaint, orally or in writing, to the employer or the government, or against any individuals who assist or participate in the investigation of any complaint or discrimination claim.

The "Know Your Rights" Poster is included here:

Know Your Rights (English) (http://www.eeoc.gov/sites/default/files/2022-10/22-088_EEOC_KnowYourRights_10_20.pdf)

Know Your Rights (Spanish)

The pay transparency policy is available here:

Pay Transparency Nondiscrimination Poster-Formatted (https://www.dol.gov/sites/dolgov/files/OFCCP/pdf/pay-transp_%20English_formattedESQA508c.pdf)

QTS is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to talentacquisition@qtsdatacenters.com and let us know the nature of your request and your contact information.

QTS Data Centers was built around the Core Values of Integrity, Character, and Trust. We prioritize family, faith and community involvement while leading with strong, honorable, and principled behavior. We started this journey in 2003 when our CEO, Chad Williams, purchased his first data center in Overland Park, KS. Humble beginnings that have led to 35+ data centers and growing. Recently privatized in a $10 billion transaction with Blackstone, one of the most notable real estate investments companies in the world, QTS is positioned to execute on a global expansion initiative and we are looking for the best and brightest to join our team.

At QTS, we’re fearlessly leading the way by redefining what it means to be a data center provider. QTS is entrusted with providing world-class data center solutions to enterprises, government agencies as well as the largest and fastest growing technology companies in the world. We deliver a fully-integrated platform from top to bottom – one enabled by technology and world-class infrastructure. Simply put, we’re innovating to stay ahead of the curve.

We are powered by people.

And we’d like to invite you to join us.

In addition to a variety of benefit packages, QTS goes above and beyond for our employees:

• Roth and Traditional 401(k) matching contributions with immediate vesting

• Every employee is bonus or commission eligible

• Generous PTO Accrual plus additional Paid Volunteer Days

• Paid Holidays Annually/Holiday compensation when worked

• Pet and Legal Insurance

• Q-Rest Sabbatical Program

• Q-Anniversary Service Award Program

• Parental Leave for primary and secondary caregivers

• Military Benefits Package

• QTS Charitable Matching Gift Program

• QTS Scholarship for Employee Dependents

• QTS Crisis Fund

• Wellness Program

• Tuition Reimbursement Program