Senior Information Security Engineer
Poppulo
·
Posted:
August 10, 2023
·
Remote
About the position
Poppulo is seeking a Sr. Information Security Engineer to join their security team. The role involves implementing preventive, detective, and response controls to protect company assets. The Senior Information Security Engineer will also be responsible for developing and maintaining business continuity planning, data, systems, and network security. They will report to the Sr. Director of Information Security Operations and must have a bachelor's degree in Computer Science or related field, along with 5+ years of experience in information security.
Responsibilities
- Develop and implement security controls, defenses, and countermeasures to prevent attacks on company email, data, and web-based systems.
- Review security violation reports and investigate possible security exceptions.
- Plan, implement, and manage security measures for information systems and networks.
- Monitor security systems and respond to potential security incidents.
- Stay up to date with cybersecurity threats and technologies.
- Develop and implement security policies and procedures.
- Provide training and support to end-users on security best practices.
- Respond to security incidents and lead incident response efforts.
- Manage Endpoint detection and response (EDR) platform.
- Analyze emails for spoofing and maintain email gateway security controls.
- Oversee Identity and Access Management (IAM) operations.
- Perform real-time detection, analysis, and response to threats via an EDR tool.
- Analyze attacks and trends to define proactive defensive measures.
- Anticipate and prevent problems and roadblocks.
- Provide subject matter expertise when needed.
- Analyze and correlate data to identify issues, trends, or exceptions.
- Perform initial analysis and investigation into security alerts.
- Research and evaluate cybersecurity threats and perform root cause analysis.
- Mentor associate-level security personnel.
- Other responsibilities as required.
Requirements
- Bachelor's degree in Computer Science, Information Systems, related field or equivalent experience
- One or more security-based certifications preferred; such as CISSP, Security +, GCIH and/or ethical hacking certifications
- 5+ years' experience in some form of information security discipline; specialization in information security risk assessments and frameworks preferred
- Experience with the NIST and ISO 27001/2 security frameworks
- Experience with the participation of SOC-based independent audits a plus
- Specialization in risk frameworks and formulating a risk management program preferred
- Ability to facilitate a secure software development lifecycle that includes threat modeling and application vulnerability scanning
- A background in secure software engineering a plus
- Ability to clearly and confidently explain complex technical issues in simple and understandable terms
- Self-starter with strong written and oral communication skills
- The ability to work in an environment that presents tight timelines and high expectations
- Must be able to adapt quickly to ever-changing requirements and priorities
- IT experience and understanding of common devices, equipment, environments, network diagrams & systems
- Familiar with MS office products/VISIO
- Ability to effectively network, participate in and lead matrixed teams, and develop key working relationships
- Working knowledge of systems administration for Linux and Windows-based platforms
- Basic knowledge of database administration and SQL a plus
- Basic knowledge of Amazon AWS administration a plus
Benefits
- Flexible PTO and 10 days paid leave
- Competitive compensation package
- Potential for career advancement in a fast-paced growing organization
- Competitive Medical, Dental, and Vision Benefits and Monthly contributions to your Health Savings Account
- 401k with Employer Match
- Fun, flexible working environment
- Maternity, Parental, Adoption and Bereavement Leave. Funding towards adoption costs.
- Life Insurance