Information Security Engineer

About The Position

Requirements

• 5 years’ overall information security specific operations experience required
• Information security industry recognized certification(s) highly recommended – GSEC, CISSP, CEH, GCIH
• Experience with securing Windows, Windows Server and macOS systems
• Strong knowledge of TCP/IP, the OSI model, DNS, HTTP, VPN, routing & switching, and load balancer technologies for virtual and physical networks.
• Strong knowledge of threats to include common attack vectors, methodologies, and payloads/exploits.
• Deep understanding and/or administration experience with Microsoft Windows and O365 systems.
• Ability to design, implement and administrate security solutions, e.g., firewalls, proxies, WAFs, DLP, IDS/IPS, MDM, malware detection/EDR, packet capture and analysis tools, etc.
• Operational experience with security logging, event correlation, and SIEM technologies.
• Operational experience working with SaaS and SASE products.
• Knowledge of endpoint security technologies (e.g., antivirus, EDR, FIM, etc.)
• Knowledge of secure configuration management across multiple platforms.
• Knowledge of penetration testing methodologies and practices.
• Knowledge of forensic practices and chain of custody processes.
• Understanding of NIST, CIS, OWASP frameworks.
• Understanding of compliance areas including controls for SOC 2, ISO, PCI, etc.
• Curious, inquisitive, innovative, lifelong learner and self-starter
• Strong documentation and communication skills
• Able to effectively give, receive, and respond to feedback
• Computer competency and ability to work with a computer.
• Prioritize multiple tasks and projects simultaneously.
• Exceptional written and verbal communication skills.
• Punctuality expected, ready to report to work on a consistent basis.
• Attain and maintain high performance expectations on a monthly basis.
• Work in a fast-paced, high-volume setting.
• Use and navigate multiple computer systems with exceptional multi-tasking skills.
• Remain calm and professional during difficult discussions.
• Take constructive feedback.

Responsibilities

• Assist in the specification, design, and documentation of information security solutions, including operational processes
• Support security and technology operations to maintain availability and security of deployed systems
• Support the operation of vulnerability scanning, and perform analysis and prioritization of the results
• Analyze and correlate security logs generated by various systems and endpoints, firewalls, network flow/packet capture systems, malware/antivirus systems and other security logging sources.
• Perform security analysis utilizing SIEM technologies
• Provide support for Security Operations and Incident Response

Benefits

• Generous Medical, Dental, and Vision Benefits
• 401(k) with Company Match
• Paid Holidays, Volunteer Time Off, Sick Days, and Vacation
• 12 weeks Paid Parental Leave
• Pre-tax Transit Benefits
• No-Cost Life Insurance Benefits
• Voluntary Benefits Options
• ASPCA Pet Health Insurance Discount
• Wellness Incentive Program