IT Security Engineer

About The Position

Requirements

• High School Diploma required; Bachelor's degree strongly preferred, focus in information technology or related field.
• 8+ years of relevant experience within the IT security space.
• Deep knowledge and understanding of Microsoft Entra, Microsoft Exchange, Microsoft Purview, Microsoft Identity and Security Architecture is required.
• Knowledge of Mimecast, Sophos Central, Rapid7 & KnowBe4 a Plus.
• Cybersecurity Certification such as CISSP, CCSP or CISM a Plus.
• Experience with Data Privacy a Plus.
• Strong written and verbal communication skills.

Responsibilities

• Manage security projects and provide expert guidance on security matters for other IT projects.
• Design, coordinate, and oversee security testing procedures to verify the security of systems, networks, and applications, and manage the remediation of identified risks.
• Coordinate, measure, and report on the technical aspects of security project management.
• Maintain a knowledgebase comprising a technical reference library and operational documentation for new security controls & services.
• Partner with Governance, Risk, & Compliance leaders to ensure that identified risks, vulnerabilities, and threats are mitigated within company risk tolerance in a timely manner.
• Work with the IT Infrastructure team to ensure that security is factored into the evaluation, selection, installation, and configuration of hardware, applications, and other information system components.
• Work with the CIO, IT, and business stakeholders to define metrics and reporting strategies that effectively communicate successes and progress of the security program.
• Work with the CIO, IT, and business stakeholders to manage table top exercises.
• Act as a liaison with cybersecurity and IT vendors and the legal and purchasing departments to establish mutually acceptable contracts and service-level agreements.
• Continuously improve the global security program and security projects that address identified risks and business security requirements, including Data Privacy and follow laws such as GDPR, HIPAA, etc.
• Act as an empowered representative of Harmony's IT Security team during IT planning initiatives to ensure that security measures are incorporated into strategic IT plans.
• Aid in the review and update of documentation for Harmony's security policies and procedures.
• Actively participate in developing the goals, strategy, and methodologies of Harmony's cyber program in alignment with the overall Information Security program strategy.
• Research, evaluate, implement, and manage applications, services, and controls for use by Harmony within the security architecture.
• Assist with the deployment and upkeep of the information security departments website content as part of the IT intranet site.
• Assist setting up cloud applications, services, networks, and servers as required.
• List compliance tasks against accepted security controls by partnering with the Compliance team.
• Organize stakeholder meetings and program reviews to collect feedback and directional guidance.
• Strategize and define data security controls, risks, mitigation based on data classification and socialize and align with the business.
• Create, update, and impart security training content on a quarterly basis to Harmony company employees as well as external contractors.
• Align with the CIO and deliver on policies pertaining to Pen tests, Governance, managing vulnerabilities.
• Partner with the legal team to initiate and manage vendor contracts for Security related vendors.

Benefits

• Medical, Vision and Dental benefits the first of the month following start date.
• Generous paid time off and Company designated Holidays.
• Company paid Disability benefits and Life Insurance coverage.
• 401(k) Retirement Savings Plan.
• Paid Parental leave.
• Employee Stock Purchase Plan (ESPP).
• Company sponsored wellness programs.
• Professional development initiatives and continuous learning opportunities.
• A certified Great Place to Work for seven consecutive years based on our positive, values-based company culture.