Manhattan Associates is a technology leader in supply chain and omnichannel commerce. We unite information across the enterprise, converging front-end sales with back-end supply chain execution. Our cloud and one-premises solutions and unmatched experience help drive both top-line growth and bottom-line profitability for our customers.Making an impact every day. We have spent the last 30 years listening, learning and working with our clients to become the most experienced supply chain execution company in the world. Every day, we help the world’s most innovative manufacturers, retailers and wholesalers push themselves and their industries to solve the unsolvable problems of the past.JOB SUMMARY
The Principal Security Engineer ensures the confidentiality, integrity, and availability of on-premise and cloud-based Internet accessible systems and services that support core business functions. This is achieved by designing, building and optimizing internal and external environment protection platforms and associated security controls while ensuring compliance with security policies. The ideal candidate is a proactive and self-motivated professional with advanced knowledge and strong experience in designing, building, and securing multiple systems and environments. The candidate will work with various global security teams and other business unit teams to manage the security of corporate environments.
- 7+ years of experience in Information Technology
- 5+ years experience with email management and defense products, as well as email protocols and services such as SPF, DKIM, DMARC
- 5+ years experience with securing cloud directory services such as Office365 and Azure AD
- 3+ years experience with managing endpoint detection and response tools and incident response activities on Windows and Linux systems
- 3+ years experience with utilizing vulnerability management platforms
- 2+ years experience with security functions within various cloud hosting service providers.
- 2+ years experience with utilizing encryption technologies and digital certificate management.
- 1+ years experience with developing and running scripts and scripting languages
- A Bachelor’s Degree in Computer Science, Engineering or equivalent work experience.
PRINCIPAL DUTIES AND RESPONSIBILITIES.
- Responsible for all aspects of all corporate email and spam management to include remediation of false-positive email messages, email quarantines, and expansion of email platform protection services.
- Partner with external email service providers to improve email protection efficiency.
- Configure and manage data loss prevention platforms across multiple products and service locations
- Manage endpoint detection and remediation platforms to include version updates, configuration changes, and protection improvements
- Management corporate public digital certificate services to include certificate issues, renewals, and revocations as well as new domain enrollments
- Coordinate and run global external penetration testing services, partnering with external providers, reviewing results, and delivering results to various business units
- Utilize scripting to enable automation of common tasks, educating key security operations center personnel on threating hunting tasks and capabilities
- Act at Tier 3 level escalation point for junior engineers and analysts, mentoring them in proper incident response handling where needed.
- Identify cyber risks and provide guidance regarding remediation of gaps to facilitate a hardened and sustainable cloud environment
- Strong understanding of TCP/IP protocols, subnetting, and routing
- Strong understanding of encryption fundamentals and process flows
- Strong understanding of email security components such as SPF, DKIM, and DMARC
- Strong understanding of cloud vendors and cloud security architectures
- Strong experience in Microsoft Office365 security components and capabilities
- Understanding of NIST, CIS Top 20, and ISO 27001 controls
- Strong written and verbal communication skills
- Ability to troubleshoot email and security problems independently
- Ability to accurately document major security incident reports viewable by executive leaders
- Ability to properly handle confidential and sensitive information
- Ability to pass US federal government background investigation