Summary Description: The Senior I.T. Security Engineer will be responsible for evaluating ongoing risk, designing, architecting, implementing and maintaining global security, vulnerability and patching systems and ensuring compliance to prevent loss or damage due to internal or external threats. Excellent communication skills, experience and enthusiasm for the role are required. Candidates must be U.S. citizens and can be located anywhere in the US as this is a remote position. Duties and Responsibilities:The Senior I.T. Security Engineer should:
- Possess a can-do attitude with a desire to understand and solve challenges if and when they should arise.
- Be able to make decisions independently when necessary and take appropriate action to protect the assets of the business.
- Manage multiple concurrent projects, ensuring tasks are completed on time and within budget.
- Have solid knowledge of networking, including routing, advanced switching, DNS, DHCP, TLS.
- Possess a solid and demonstrated understanding of firewalls, email filters, VPN devices and other edge related security systems as well as internal systems such as end point security.
- Understand vulnerability scanning.
- Be able to identify potential risks, document and communicate weaknesses in company security posture and propose complete solutions with cost estimates to management.
- Assist in the preparation of the annual budget for all security and risk related items, including renewal, replacement or net new items.
- Stay knowledgeable of current advances in all areas of information technology concerning vulnerabilities, security breaches or malicious attacks.
- Assist in the delivery of education to end users to help prevent human risk factors.
- Communicate new or imminent threats to management.
- Ensure adequate logging and alerting is established and review logs and alerts in a timely manner, communicating concerns and issues to management where appropriate.
- Evaluate and assist in the completion of external audits and security survey requests, noting areas of non-compliance or potential improvements.
- Perform internal vulnerability assessments and lead the effort to remediate vulnerabilities with the business unit and core IT teams.
- Ensure system patching is completed in a timely manner.
- Continuously evaluate communication security, data vulnerability, business continuity and compliance risks.
- Examine employee compliance with security controls and deficiencies.
- Evaluate security policy, processes and procedures for completeness, assist with the creation of new or revision of existing policies, processes and procedures.
- Ensure that controls are adequate to protect sensitive information systems.
- Communicate recommended business continuity preparations and controls, including deficiencies, to management.
- Participate in the maintenance of the business continuity / disaster recovery plans as it pertains to risk avoidance and security.
- Manage third party assessments to help measure the effectiveness of implemented systems, policies and procedures.
- Have 10+ years of demonstrated I.T. securityexperience, preferably in a small team or in roles where you were solely responsible for security or core aspects of security.
- Bachelor’s degree in Engineering, Computer Science-Security emphasis