Infrastructure Security Engineer

About The Position

Requirements

• 10-15 years hands-on network security engineering experience, specializing in Firewalls and Infrastructure security.
• Strong Palo Alto and Panorama experience. Other enterprise firewall experience accepted but Palo Alto is preferred.
• Exposure and experience with International and multi-country IT security programs.
• Experience and familiarity with cyber incident response, SIEM, vulnerability scanning tools, security operations workflow, IPS, Browser security, Cloud security, and Endpoint Security.
• Familiarity with security-related compliance such as NIST CSF, CIS Critical Security Controls, ISO 27001/27002 and regulations such as GDPR, HIPAA, SOC1/2, and PCI-DSS.
• Strong understanding of MITRE ATT&CK framework.
• An analytical security-focused mind, outstanding problem-solving skills, and strong threat assessment and mitigation skills.
• Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders.
• Exceptional documentation and report generation skills.
• Great awareness of cybersecurity trends, emerging threats, and techniques.
• Must be eligible to work in the United States.
• Must pass comprehensive background screening.
• Must be willing to work flexible hours across time zones.
• Must be willing to participate in an on-call rotation to ensure 24/7/365 coverage.

Nice To Haves

• Certifications in one or more of the following disciplines/providers preferred: CISSP, CEH, GIAC (GSEC, GCIH, etc.), ISACA, Other Networking/Network Security related certifications.

Responsibilities

• Planning, implementing, managing, monitoring, and upgrading security measures for the protection of STACK Infrastructure’s data, systems, and networks.
• Monitor and triage critical IT infrastructure for irregular behavior/weaknesses and respond with robust countermeasures to prevent future incidents.
• Champion a Zero Trust security model across STACK’s network and datacenter environments. Architect solutions that enforce least-privilege access, continuous verification, and micro-segmentation of services – ensuring no implicit trust at any layer.
• Install and maintain security tools that monitor critical infrastructure (systems and networks) for security breaches and intrusions.
• Leading or collaborating with peers on project management to accomplish the goals set by leadership.
• Providing SME-level advice and expertise regarding various technologies and enable leadership to drive security objectives and improve STACK’s overall security posture.
• Triage and investigate security and user high-risk events.
• Lead/participate in incident response and investigation of IT/OT security detections and incidents.
• Infrastructure and Network OS security hardening
• Monitoring and optimization of security tools
• DNS management
• Penetration testing remediation
• Policy enforcement
• Attack surface management and threat hunting
• Participation in an on-call rotation with your team to ensure 24/7/365 coverage.
• Work closely with cross-functional teams, including IT Support, IT Infrastructure, and Critical Operations teams, to ensure systems and networks are secure, compliant with applicable regulations, and protected against unauthorized access
• Serve as a point of escalation and support for Information Technology and international IT administrators security needs.
• Other duties as assigned

Benefits

• medical, dental, and vision insurance
• a 401K program
• flexible spending accounts
• cell phone subsidy