Security Engineer II

About The Position

Requirements

• B.A./B.S. degree in Computer Science or related field, or equivalent work experience
• 3-5+ years in the Information Security field
• CATO SASE Expert 2, SASE Advanced Security
• Experience with Intune, Tenable, Mimecast, Okta, next-generation EDR tools and SIEM
• Proficiency with Microsoft Azure and SASE environments
• Experience managing Office 365 and Azure environments
• Experience in MS Office Suite, including Excel, Outlook and Word
• Experience implementing security controls in IT environments
• Experience driving a culture of security awareness
• Experience administering endpoint devices or web application servers
• Experience with logging and alerting platforms, including SIEM integration
• Knowledge of incident response methodologies and technologies
• Strong customer service, interpersonal skills and the ability to interact with all levels of staff
• Strong work ethic and eagerness to produce high quality, accurate results
• Ability to proactively problem solve and apply innovative solutions
• Ability to work and collaborate in a team environment, and ability to work independently and prioritize work
• Ability to work on multiple projects at the same time
• Ability to effectively meet deadlines at expected quality

Nice To Haves

• Information Security Certification ( Sec+, CySA+, GSEC, SSCP, CCSK, GISF, CISA, CASP+)
• Proficiency with the following security solutions (Okta, Crowdstrike, Microsoft Cloud App Security, Tenable, Mimecast, Tenable, EDR, SIEM)

Responsibilities

• Manages security tools such as Okta, Mimecast, CrowdStrike, Defender, Sentinel SIEM and Palo Alto Advanced Threat Protection Detection Services
• Recommends, schedules and applies patches, removes or otherwise mitigates known control weaknesses
• Contributes to incident response activities, including investigation and documentation
• Conducts vulnerability assessments on a regular basis, using a variety of tools and techniques; analyzes vulnerability scan results and prioritizes findings based on risk
• Collaborates with other IT teams to remediate vulnerabilities and mitigate risks; documents vulnerability assessment findings and remediation efforts
• Manages the development and maintenance of security documentation, such as policies and procedures
• Monitors security alerts and escalate incidents as appropriate
• Collaborates with the IT teams to ensure security best practices are followed
• Responds, analyzes, remediates and documents actions performed to resolve threat conditions
• Creates and delivers regular security reports to management and stakeholders, including incident reports, vulnerability assessments, and security metrics.; analyzes security data to identify trends, patterns, and areas of concern, and presents findings and recommendations, using visualizations and dashboards to enhance understanding
• Develops and delivers engaging security awareness training programs for end users, tailored to different roles and departments; conducts simulated phishing campaigns to assess user susceptibility and reinforce training content and analyzes campaign results for improvements
• Performs regular security audits across various IT systems and processes to ensure compliance with security policies, standards, and regulatory requirements; recommends corrective actions to address findings in collaboration with other IT teams
• Develops and implements automation scripts and playbooks to streamline security operations, such as automating security alerts, vulnerability remediation, and incident response tasks
• Proactively searches for indicators of compromise and escalate finding to leadership
• Provides 24/7/365 support upon request by management on an as-needed basis
• Performs other duties assigned by leadership
• Embraces a culture of continuous service improvement and service excellence
• Stays current on security industry trends