Senior Security Engineer

About The Position

Requirements

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
• Minimum of 10 years as a security engineer or similar role.
• Strong understanding of network security, cryptography, and secure coding practices.
• Experience with security protocols and technologies, including SSL/TLS, VPNs, and multi-factor authentication (MFA).
• Relevant security certifications (CISSP, CISM CEH, OSCP).
• Proven exposure to security scanning tools
• Exposure in scripting languages (e.g., Python, Bash) for automation and security tool integration.
• In-depth knowledge of security best practices and frameworks (e.g., OWASP, NIST).
• Experience with Azure cloud security or similar cloud platforms
• Familiarity with security tools and technologies, such as firewalls, IDS/IPS, SIEM, and antivirus software/EDR.
• Excellent problem-solving and analytical skills.
• Effective communication and people skills.

Nice To Haves

• Master’s degree in Cybersecurity, Computer Science, Information Technology, or related field.
• Knowledge of regulatory requirements and standards, such as ISO 27001, NIST, and GDPR.

Responsibilities

• Design and implement secure architecture for applications and infrastructure (on-premises and in the cloud)
• Develop and maintain security policies, standards, and guidelines.
• Work with enterprise systems team to develop and implement code scanning into the CI/CD pipelines.
• Implement vulnerability security testing tools and frameworks.
• Conduct threat modeling and risk assessments.
• Assist in assessing readiness and in passing compliance audits for applicable data protection laws and regulations (i.e., PCI-DSS)
• Assess gaps in security practices and propose appropriate solutions.
• Collaborate with development, operations, and IT teamsIT teams to promote security best practices, including service level agreements, availability, continuity, system performance, system security, documentation, technology adoption, and planning.
• Advocate for security within the organization
• Participate in the preparation and execution of cyber security incident response plans, exercises, and events.
• Assist in preparing and exercising resilience, incident response, business continuity, and disaster recovery plans.
• Support Security Awareness Pprogram
• Manage annual third-party penetration testing and findings to remediation
• Build and participate in a third-party risk management program. Perform vendor and partnerPartner risk assessments
• Perform security audits on applications and infrastructure
• Perform other security projects and tasks as needed
• Stay updated with the latest security trends, threats, and technologies.

Benefits

• Medical
• Dental
• Vision
• Employer Paid Basic Employee Life and AD&D Insurance
• Employer Paid Long Term Disability
• Flexible Spending Accounts
• Voluntary Short-Term Disability
• Voluntary Life and AD&D Insurance
• Voluntary Accident Insurance
• Voluntary Critical Illness Insurance