Security Engineer

• Endpoint Security and Hardening
• Policy Work and Development
• Good understanding of modern IT Governance
• Information Systems Risk Management
• Is constantly up to date with the latest security threats in the industry & mitigations
• Experience configuring & integrating many different technologies - Firewalls, SIEM, IDS, PAM, MDM, QOS, etc
• The ability to lead conversations in the business regarding information security

Qualifications and experience:

• Preferably a tertiary degree in computer science/information systems or related field
• Relevant security-related certifications (e.g. Security+, CySA+, AWS CSS, GSEC, OCSP, CISM/CISSP)
• 5+ Years of professional experience working in an IT Security Related role
• 3+ years of professional experience working in a technical security-related position
• Linux/Unix/Mac Administration
• Active Directory policy development and Windows Server Operations
• Identity and Access Management platform configuration/management
• E-Mail Platform configuration and maintenance
• Thorough understanding of networking, firewalls, and system security
• Experience securing cloud technologies
• Competency with configuring rule sets and system policies
• Understanding of application security concepts
• Experience with penetration testing or ethical hacker-based activity
• Experience with internal/external IT audits
• Experience with incident response and management
• Bash / Powershell Scripting 
• Knowledge of the SDLC
• Knowledge of secure coding practices (eg. OWASP Top 10)
• Cloud/system administrator experience

Nice to haves 

• Solid exposure/experience with security frameworks including, but not limited to: ISO27001, PCI/DSS, etc
• Experience with hardware security solutions (Meraki, Fortinet, Cisco).

What are some of the roles and responsibilities of this role?

• Manage Endpoint Detection and Response solution
• Management and Tuning of Email security systems (Rules, Policies, Records Management, Spam, Viruses, and Malware)
• Management of relationships of internal business units to support and continuously improve security-related infrastructure/solutions
• Perform Risk assessments of third-party cloud platforms and software
• Manage and develop company-wide security awareness training
• Work with metrics and data to filter out suspicious activity, finding and mitigating risks before breaches occur
• Configuring various platforms (e.g. Firewalls, Mail servers, SIEM, etc) to detect/filter/flag suspicious activity - finding and mitigating risks before breaches occur.
• Perform internal security audits & assist with ad-hoc audits
• Implement security best practices and governance according to various industry standards and as required by regulators
• Continuously updating and developing of relevant company policies (e.g. Security Policy)