The Security Engineer is responsible for implementing industry best practices with regard to firewalls, IDS/IPS, VPN, wireless communications and connectivity configurations. The role identifies assets and assess risks, threats, and vulnerabilities in accordance with accepted business and regulations to ensure security design integrity, availability, and confidentiality compliance. This position supports Spectrum Brands' global divisions.
Primary Duties & Responsibilities
- Provide leadership to deploy, monitor, test and tune network devices and systems to provide optimal security and performance.
- Plan, research, design, and implement elements of information security hardware and software technologies.
- Design and deploy state-of-art technology to meet the business needs and interface with business units regarding technical planning and network issues.
- Develop security network migrations plans, research solutions to security technical issues, and provide security technical leadership and guidance during the engineering design and build phase.
- Monitor security controls and audits devices, detects possible security incidents.
- Monitor for potential threats, identification of trends, and assessment of system vulnerabilities.
- Research, recommend and develop security and risk mitigation solutions.
- Utilize best practices and risk tolerances frameworks.
- Prepare documentation, including department policies and procedures, business notifications, and security alerts.
- Enforce all company policies and procedures.
- Perform penetration testing and recommend remediation efforts for system vulnerabilities.
- Investigate current cyber security threats and provide I.T. leadership with timely communication updates.
- Provide automation scripts that help identifies issues on a regular basis.
Education and Experience Profile
- Bachelor's degree in a business related field or equivalent experience.
- A minimum of 5 years of relevant experience with a combination of functional technical experience with aspects of major enterprise business systems and related technologies.
- Comprehensive understanding of information security technologies and methodologies, information technology auditing, and business continuity management.
- Diverse working experience in multiple network interfaces, technologies and protocols.
- Advanced knowledge of data security administration principles, method, and techniques including firewalls, network and intrusion detection systems.
- Hands on working knowledge and diverse skills of all routing protocols such as BGP, EIGRP, OSPG and L2/L3 VPN.
- Experience with complex security and network troubleshooting, mitigation and resolution activities in a global organization.
- Hands on security implementations such as firewall management, IDS/IPS, SIEMS, and vulnerability scans.
- Ability to perform risk assessments across multiple global business units and systems.
- Demonstrated ability to regularly prepare project management material while keeping focus on budget and commitments.
- Must maintain high level of confidentiality and professionalism.
- Researches and learns new skills related to information security systems and processes.
- Demonstrated experience establishing and maintaining effective working relationships with other business organizations and leadership; successful experience in working with diverse groups of people in a problem-solving environment.
- Experience in the managing outsource security environment where delivery of most security capabilities are provide by a third party vendor.
- Hands on experience in securing systems and applications hosted in the "Cloud".
- Working conditions are normal for an office environment.
- Up to 15% travel required.