Senior InfoSec Engineer

In this role, you’ll join a team of security engineers responsible for the corporate infrastructure used by our enterprise to run the business with observability, scalability, security and capacity planning as main functions. This role will focus on implementing and enforcing secure solutions to solve complex and unique problems at scale in the enterprise.

Responsibilities:

• Develop and maintain secure corporate infrastructure configurations, standards, and policies to prevent and mitigate risks.

• Design and implement automated alerting, remediation workflows, and compliance enforcement tools to address issues at scale.

• Identify and close gaps in security controls, systems, and tooling to strengthen posture, address threats, and ensure compliance.

• Build, update, and document security processes to improve consistency and efficiency across teams.

• Prepare and deliver security reports and metrics for leadership, auditors, and regulatory purposes.

• Enforce corporate security policies and ensure adherence across systems, processes, and personnel

• Identifying and prioritizing security vulnerabilities in our environment and help to drive remediation.

• Collaborate with technical leadership to align security engineering priorities with organizational goals.

• Mentor engineers and promote a proactive, security-focused culture.

• Own projects from definition to completion, driving continuous improvement without requiring daily direction.

• Drives definition, documentation, and evolution of best practices for the security engineering program.

• Goes above and beyond basic requirements to support their own team and others.

• Has the ability to take an assignment, project or problem and implement a solution to completion.

Requirements:

• 5+ years experience in cloud security and/or security engineering.

• Experience with security operations and incident response.

• Experience implementing or managing a SIEM.

• Understanding of security best-practices and how to implement them at an enterprise level.

• Basic coding skills – Terraform, Python, other scripting languages.

• Expert in common Information Security concepts, practices, and procedures

• Understanding of vulnerability analysis, endpoint protection, email security, encryption technologies, data loss prevention, intrusion detection, incident response

• Strong written and oral communication skills and the ability to prioritize work

• Strong aptitude for problem solving, math, and communication

• Strong organizational and interpersonal skill

Desired Experience or Skills:

• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related area of study

• Experience with Island Technology

• Experience with Crowdstrike EDR

• Experience with O365

• Experience managing Identify & Access Management in an enterprise

• Experience with Azure, or AWS public cloud platforms

• SANS GIAC, CEH, CompTIA Security+, AWS or GCP security certifications.