The Role 

We're looking for an experienced Information Security Engineer to join our growing Information Security team. This role will be reporting to the Information Security Operations Manager. Our team works to create a strong Information Security function within Green Thumb that enables the business to continue its tremendous growth. The Information Security Engineer is responsible for supporting cybersecurity technical design, deployment, and ongoing operations. The candidate must have a strong understanding of security architecture, network security, security technologies, and cloud security.

Responsibilities 

• Manage the day-to-day operations of security tools and vendors responsible for providing perimeter, application, network and cloud security.
• Architect, design, implement, maintain and operate information security solutions for network, cloud environments and applications.
• Deploy and configure security tools such as antivirus, email gateway, SIEM, threat intelligence and vulnerability management solutions.
• Strong working knowledge of Firewalls, Proxies, Antivirus, SIEM, Network Access Control, Email Gateways, and IDS/IPS.
• Analyze and recommend security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance.
• Contribute to Incident Response activities, working with internal and external technical teams and providing on-call support.
• Provide expertise in the investigation and remediation of monitoring alerts and incident response.
• Create and maintain playbooks and standard operating procedures for security tools and processes.
• Maintain a current understanding of the cybersecurity threat landscape.
• Execute tasks as a member of the Information Security team as assigned by management.

Qualifications  

Our employees come in all shapes and sizes, but to be successful in this role with us, you'll at least need:

• 5+ years of experience working in Information Security.
• Bachelor’s degree or higher in Information Security or Information Technology is required.
• Strong understanding of Information Security technologies, design and architecture.
• Strong written and oral communication skills, as this role will interface with business leaders.
• Strong people management, project management and vendor management skills.
• Deep knowledge of network, endpoint, application, and cloud security.
• Knowledge of NIST, MITRE, OWASP, and other security frameworks.
• Strong problem-solving skills with well-organized and structured work habits.
• Security certifications, such as CISSP, CISM, CCNA are preferred, but not required.
• We're doing some big things, and we'll find some roadblocks along the way, big and small. A big part of this role is keeping an even keel and finding the route through or around the obstacles.
• This role requires lots of communication with customers and everyone at GTI. Your colleagues will rely on your ability to translate security requirements into digestible bits of information for them. Customers will expect you to quickly articulate technical components of the GTI security program to help them assess risk, including as part of the business development process.
• An insatiable intellectual curiosity and the ability to learn quickly in a complex space.

Additional Requirements 

• Must pass any and all required background checks  
• Must be and remain compliant with all legal or company regulations for working in the industry  
• Must be a minimum of 21 years of age