Senior Information Security Engineer

PEAK6-posted about 23 hours ago
Full-time • Mid Level
Hybrid • Chicago, IL
1,001-5,000 employees
Resume
Match Score
Upload and Match ResumeTrack Jobs with Teal

As a Senior Information Security Engineer , you will be an integral player in designing, implementing, and defending the technologies that protect our diverse and dynamic businesses. Our teams are lean and agile, offering you the unique opportunity to take ownership of critical security systems and make a significant impact across the enterprise. You will be a principal driver in maturing our security posture by leading initiatives to manage and enhance our secure access solutions, while also improving threat detection capabilities within our security analytics environment.

  • Security Platform Engineering & Operations: Take a lead role in the management, enhancement, and maintenance of critical security infrastructure, including our secure access and SIEM platforms. This involves creating and tuning policies, developing detection logic, managing data ingestion, maintaining integrations, and ensuring consistent performance while acting as a technical lead for troubleshooting.
  • Threat Detection & Incident Response: Serve as a subject matter expert during security incidents, leveraging our security stack to investigate and respond to threats. This includes evaluating common exploits, network attacks, and phishing techniques; performing basic malware analysis; and aligning all activities with our Incident Response Plan and the MITRE ATT&CK framework.
  • Security Architecture & Strategy: Define security measures and reference architecture patterns in collaboration with Systems Architects across the business. Help manage traceability between business objectives and security strategy to continuously improve our security design, development, and deployment processes.
  • Risk Management & Vulnerability Mitigation: Conduct comprehensive analyses to identify business-critical systems and applications. Identify, analyze, and resolve security deficiencies, developing effective risk mitigation measures for our vulnerability and incident management programs and recommending corrective actions.
  • Cloud & Third-Party Security: Contribute to the development of technical guidance and security principles for our cloud technology environments. Evaluate the security risks posed by third-party vendors and services, developing and implementing effective mitigating strategies.
  • Audit & Compliance: Participate in internal audits and security program initiatives to assess our security maturity. Help interpret and apply requirements from applicable standards and regulations (e.g., ISO 27001, NIST) to ensure our technologies and processes adhere to regulatory standards.
  • Project-Based Security Deployment: Actively participate in projects to deploy new security technologies.
  • Documentation & Best Practices: Develop and maintain clear, concise documentation for security systems, policies, and procedures in our internal knowledge base. Champion security best practices across the organization.
  • Proactively Secure Development Lifecycle: Focus on integrating security at every stage of software development to ensure that every release adheres to security best practices. Use tools and practices to identify vulnerabilities early and continuously.
  • Information Security Evangelist: Be an information security leader and a partner within the developer community
  • 5+ years of experience in an Information Security, Network Engineering, or Systems Engineering role with a strong security focus.
  • Relevant security certifications (e.g., CISSP, GIAC, or other cloud/network security credentials).
  • Demonstrated, hands-on experience deploying and managing a leading SASE platform, including its ZTNA, Secure Web Gateway (SWG), and Cloud Access Security Broker (CASB) functions.
  • Strong proficiency with a major SIEM platform (experience with modern, cloud-native platforms is highly preferred).
  • Must have experience with log ingestion, parsing, and engineering detection rules with advanced query languages.
  • Deep understanding of core networking principles (TCP/IP, DNS, BGP, IPsec) and firewall management.
  • Broad experience across multiple IT domains, demonstrating the ability to work effectively in a "small team" environment.
  • Proficiency in a scripting language (e.g., Python, PowerShell) for automation and integration.
  • Must be available to participate in a 24x7 on-call rotation to support critical production systems and respond to security emergencies as needed.
  • DevOps and Automation Skills as Nice to Have.
  • Familiarity with CI/CD tools such as Jenkins, GitLab CI, or GitHub Actions is appreciated but not the focus—your goal is not to build or maintain these pipelines but to secure them.
  • Familiarity with other common enterprise security tools, such as: Endpoint Detection and Response (EDR), Identity and Access Management (IAM), vulnerability management solutions, and Mobile Device Management (MDM).
  • healthcare benefits (medical, dental and vision, EAP)
  • competitive PTO
  • 401k match
  • parental leave
  • HSA contribution match
  • paid subscription to the Calm app
  • generous external learning and tuition reimbursement benefits
  • ability to work remotely up to two days a week
Track Jobs with Teal

Job Search Resources

AI Resume Builder
Senior Cloud Engineer Resume Examples
Senior Cloud Engineer Cover Letter Examples

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service