Description

POSITION SUMMARY
The Information Security Engineer contributes to our success by leading technology to support and secure our hybrid environment. As an Information Security Engineer, you will work with various internal and external technology teams to ensure that security is applied to our technology platforms, services, and information in accordance with established standards and policies with a global perspective. Must possess a high degree of integrity and trust along with the ability to work independently. This role will not have direct reports but will be expected influence and direct activities of a team related to program initiatives, operations, and/or incident response.
 
ESSENTIAL FUNCTIONS
The responsibilities of this job include, but are not limited to, the following:

• Provide administration & support over security endpoint technology such as EDR, Anti-Virus, DLP, Internet Filtering, Mobile Device Management, and vulnerability software.
• Validate and drive vulnerability remediation of discovered vulnerabilities
• Contribute to security policy, standards, and guidelines.
• Effectively recognize threats by performing relevant research and data analysis
• Assist in responding to incidents, intervene as necessary to protect company assets
• Champions change, drives & sets technical direction affecting multiple global groups/business units and product design.
• Provide technical expertise in incident response events as needed.

 
MINIMUM QUALIFICATIONS
Education: Bachelor or equivalent of education and experience
Experience:

• 4+ years information security experience
• Excellent time management skills & with a demonstrated ability to prioritize tasks key
• Understanding of security technology (SIEM, DLP, IPS, WAF, Firewalls, Anti-Virus, etc.)
• Knowledge or experience in working with and/or managing vulnerability scanners
• Experience in security compliance frameworks such as CIS Benchmarks, NIST, GDPR, HIPAA, PII/PHI, SOX.
• Knowledge of desktop, server, mobile operating systems, and cloud computing providers (Azure, AWS, GCP), with a focus on security configuration and monitoring
• Working knowledge of modern identity and access management concepts such as Single Sign On (SSO), Access Provisioning, Directory Management, Multi-factor authentication (MFA)