If so, we are seeking a Lead Information Assurance Engineer whose purpose will be to lead the design, deployment, and day-to-day operations of company-wide Information Systems security technologies as well as programs deployed across the EP technology landscape. The role operates in collaboration with other Technology teams to improve and maintain the overall security posture of the IT Infrastructure as well as protect data assets. The role will have the critical function of a Lead Security Engineer in charge of day-to-day monitoring of infrastructure and operational incident response during a known or potential security event. In-depth analysis of systems and data involved with these events will be required on a regular basis to develop threat assessment criteria with reporting and performance metrics. The role will also help lead innovation of the incident response function through automation and orchestration to improve efficiency, shorten response times, and reduce cost.
- Operational Duties: Daily review and analysis of data from intrusion detection systems, anti-virus solutions, vulnerability assessment tools, as well as log correlation tools to identify actionable threats or remediation. Responsible for leading security incident response and event handling as part of a team accountable for 24x7x365 response to any known or potential security incidents/events including detailed malware analysis and cloud security. Communicates and coordinates with all internal Technology teams as well as Business units or service providers on various attack scenarios including viruses, worms, stolen credentials, DDoS attacks, etc. Conducts vulnerability assessments including basic penetration testing or digital forensics while communicating and coordinating remediation efforts. Stays well-informed and current on product updates or known vulnerabilities relating to technology including the coordination of security patch implementations or stop-gap measures. Leads implementation of new processes, procedures, or technologies that streamline capabilities. Responsible for reporting and team mentoring to ensure success and collaboration.
- Business Support: Collaborates on business and technology initiatives as a Lead Security Operations Engineer who helps architect solutions and provide guidance to others on proper information security practices. Performs security assessments to identify potential information security risks in all aspects of the business including technical implementations (applications or equipment) as well as technology or business processes. Helps develop and socialize security baselines for all flavors of IT infrastructure. Leads efforts in developing security-related processes and procedures for the department as well as the company that can be employed on a global basis. Participates in internal and third-party audits of the company’s information security policies, procedures, as well as operational duties while supporting any remediation efforts that may be identified as a result of an audit. Contributes to and delivers end-user security awareness training, effective reporting, as well as performance metrics.
- Projects: Helps lead, coordinate, and execute information assurance projects as defined and prioritized in the overall information assurance strategy. Leads efforts for defining Information Assurance Engineering objectives and deliverables associated with the continued advancement of EP’s overall Security Program. Contributes to the evaluation of the security posture associated with the company’s technology as well as any related data assets to ensure internal security controls are appropriate and operating as intended. Stays well-informed and current on the latest information security technologies, methodologies, and events. Identifies external resources such as vendors, products, or services that may assist in meeting information assurance objectives or promote lower security costs. Evaluates and delivers recommendations pertaining to the procurement of security-related technology including software, hardware, and services. Evaluates, delivers feedback, and architects solutions associated with the potential security aspects or impact of non-security-related technology including software, hardware, and services. Liaises with external information security vendors and service providers on a regular basis.
JOB REQUIREMENTS/QUALIFICATIONS NEEDED
- Experience: 5+ years of direct information security and senior level experience with lead responsibilities in a global IT environment supporting all the security domains.
- Education: University degree (or equivalent experience) in Computer Science, Engineering, or another technical field
- Detailed functional knowledge of network technologies including network security focused technologies such as next generation firewalls and web application firewalls in a global IT environment
- Detailed functional knowledge in developing security playbooks and implementing them for orchestration, automation, and response
- Detailed functional knowledge of security solutions such as anti-virus, intrusion detection, file encryption, security incident and event management, vulnerability assessment, etc. including the implementation of these solutions in cloud environments.
- Working knowledge of server and cloud technologies including administration, virtualization, Active Directory, Microsoft O365, AWS and Citrix in a global IT environment
- Working knowledge of both Windows and Linux/Unix operating systems
- Experience in log analysis, security analytics and event correlation
- Experience using Microsoft Word, Excel, PowerPoint, Visio, and SharePoint. Microsoft Project, Access, SQL, PowerShell, or scripting experience is a plus.
- Professional Skills:
  - Strong customer service, written, and oral communication skills
  - Strong mentoring skills with experience guiding team members in both proactive and reactive engagements, contributing to performance metrics for improved efficiency and reduced cost
  - Ability to maintain security as well as confidentiality when dealing with sensitive information for both domestic and global environments
  - Ability to prioritize tasks to meet defined timelines and deliver measurable results
  - Ability to collaborate with team members as well as non-team members to support a multi-site customer base that extends globally
  - Knowledge of desk side and help desk support delivery
  - Experience in developing as well as implementing support and administration procedures
- Key Performance Metrics:
  - Achievement of performance objectives agreed to by the Technology team as part of the formal performance planning process that includes the following:
    - On time delivery of regularly scheduled tasks, duties, approved projects, and Service Desk requests
    - Demonstrated knowledge of security technologies and environments
    - Demonstrated knowledge of business initiatives and core operations
    - Demonstrated initiative to pursue further technological expertise and system administration best practices
    - Demonstrated contribution to process and service improvements