The Security Engineer is responsible for supporting the delivery, operating, and scaling of security capabilities across the organization. This role will act as a security expert within a growing, collaborative team in a cutting-edge HR and payroll tech company. Keep abreast of the latest technologies in a hands-on role that also provides a unique opportunity to shape the future direction and design of our systems. The ideal candidate is passionate about technology and the opportunity to play a foundational role in a new team is self-motivated and has great communication skills.
The Security Engineer is responsible for the delivery, operating, and scaling of security capabilities across the organization. This includes supporting technical implementations, working cross-team with infrastructure, system, application, and architecture teams to better the security posture of the organization.
- Develop innovative security controls to protect assets across a large and complex environment
- Administer a wide and interesting range of security platforms and systems
- Implement security orchestration and automation in support of security operations
- Consult with internal teams on architecture and system designs
- Support cross-team security initiatives of internal teams
Platform and Tools:
- You will need experience working with most, if not all, of the following platforms and tools:
- Active Directory
- Cloud (AWS, Azure, etc.)
- Data Loss Prevention (ProofPoint, Symantec, Varonis, etc.)
- DNS Filtering and Web Proxies (Cisco, Zscaler, etc.)
- Docker Containers & Kubernetes
- Email Security (ProofPoint, Mimecast, etc.)
- Endpoint Detection & Response (Microsoft ATP, CrowdStrike, Carbon Black, etc.)
- Network Firewalls (Cisco, Palo Alto, Checkpoint, etc.)
- Privileged Access Management (PAM)
- Public Key Infrastructure (PKI)
- Security Information and Event Management (SIEM)
- Threat Intelligence Platform (TIP)
- Vulnerability Management (Tenable, Qualys, etc.)
- Web Application Firewalls (F5 ASM, Imperva, etc.)
- Solid understanding of NIST Cybersecurity and MITRE ATT&CK frameworks.
- Working ability to write scripts and automation. This includes parsing log data (i.e. RegEx, XML, etc.)
- Ability to self-teach technical concepts in security and apply them in real-world scenarios.
- Great communication skills with the ability to build strong cross-team relationships.