Curaleaf Holdings, Inc. (CSE: CURA) (OTCQX: CURLF) ("Curaleaf") is a leading U.S. provider of consumer products in cannabis, with a mission to improve lives by providing clarity around cannabis and confidence around consumption. As a vertically integrated, high-growth cannabis operator known for quality, expertise, and reliability, the company and its brands, including Curaleaf and Select, provide industry-leading service, product selection, and accessibility across the medical and adult-use markets. Curaleaf currently operates in 23 states with 96 dispensaries, 23 cultivation sites, and over 30 processing sites, and employs over 3,000 team members across the United States. Curaleaf is listed on the Canadian Securities Exchange under the symbol CURA and trades on the OTCQX market under the symbol CURLF. For more information please visit
We are seeking individuals who are passionate about making a difference in the work they do and will help support our company vision "To be the world's leading cannabis company by leading the world in cannabis education, accessibility, and customer satisfaction with high-quality products backed by science." You will have an opportunity to be recognized for your talent and expertise while contributing to the success of key strategic initiatives in support of our Mission "To improve lives by providing clarity around cannabis and confidence around consumption."
We are looking for a Sr. Security Engineer who is sharp, detail-oriented, and a formidable opponent of hackers and cybercriminals. As our Sr. Security Engineer, you will ensure that our environment and systems are secured and protected from cyber-attacks. This will require being up to date on the latest practices and methodologies, demonstrating meticulous problem-solving skills, and working well under pressure. You will also need to develop new systems and methods to address vulnerabilities, have exceptional IT capabilities, and guide the company through a cyber-attack, if necessary.
Responsibilities:
- Design technical control standards and strategies for a variety of information systems based on industry best practices and guidelines (NIST, CSA, CIS, OWASP, SANS, etc.)
- Define and document requirements for secure operations across the entire delivery ecosystem, including internal datacenter, secure perimeter, public cloud, software-as-a-service, vendor hosted, public and private endpoints
- Prepare and present timely and accurate reports and information related to audits and regulatory examinations, as well as instituting a proactive security culture aimed at ensuring activities and practices are in line with internal policy and regulatory requirements. The Sr. Security Engineer is responsible for working closely with the legal and compliance teams related to this information.
- Identify and report any cyber-attacks and participate in any resulting investigation as needed
- Recommend, implement, and test specific control sets and security measures to mitigate inherent risk identified through cybersecurity risk assessments. Provide technical expertise to guide security risk assessments including pen testing as needed
- Oversee the enhancement and maintenance of our secure software delivery lifecycle. This includes all aspects of secure coding practices, integration of security principles and practices, and security appliance deployment and maintenance (like firewalls) into our DevOps/DevSecOps pipelines
- Coordinate with all departments to ensure cyber security control design is richly informed by current threat intelligence and incident response. As threat intelligence and response methods change, ensure those changes are propagated throughout the organization to maintain best practices
- Leverage internal and external resources to research threats, vulnerabilities, and intelligence on various attackers and attack infrastructure
- Use common log aggregation products like ELK or Splunk Analytics platform to identify threats and determine the root cause, scope, and severity of each critical anomaly. Report on findings and recommend system tuning/customization and data collection improvements
- Work with Threat Intelligence feeds and solutions to identify threats, develop or recommend countermeasures, and perform advanced network and host analysis in the event of a compromise
Qualifications:
- Bachelor’s Degree in Computer Science, Systems Engineering, CIS or related technical subject
- 10+ years of enterprise cybersecurity or relevant technology experience
- 5+ years of experience working in proactive Threat Hunting, IR investigation, and remediation efforts
- 5+ years of experience identifying threats and developing appropriate protection measures
- Security Certifications (e.g. Security+, GCIA, GCIH, GCFA, GCNA, CEH, CISSP, etc.)
- Possess advanced knowledge of VPNs, Data Loss Prevention, IDS/IPS, Web-Proxy, Security Audits
- Strong technical knowledge in the following areas:
  - Endpoint security and Endpoint Detection and Response tools (e.g. Cylance, Microsoft Defender ATP, CrowdStrike, etc.)
  - Azure AD file systems, registry functions, and memory artifacts
  - Mac file systems and memory artifacts
  - Database, web application, cloud, and/or mobile device cyber incident response principles and techniques
  - Cybersecurity automation
  - Security Information and Event Monitoring (SIEM) utilities (e.g. Splunk, Logstash/Elk, ExaBeam, etc.)
  - Application, service, and machine log analysis
  - Common application-layer protocols (e.g. DNS, HTTP, TLS, SMB)
  - Network traffic metadata extraction and analysis using common packet capture utilities (e.g. Wireshark, tcpdump, Bro/Zeek, Snort, Suricata, etc.)
  - Malware analysis using sandboxes or other capabilities
- Experience with technologies from at least one public cloud like Azure (preferred), AWS, or GCP
- Experience with privileged access management tools
- Experience with one or more environmental scripting languages (Bash, PowerShell, etc.)
- Experience with one or more scripting languages (Perl, Python, etc.)
- Experience managing cases with enterprise SIEM or Incident Management systems
- Experience/knowledge of hardware and software, networks, data centers, systems and others related to cyber security
- Expertise doing security event monitoring, analysis, and triage
- Experience with Java, Python, Go and/or PowerShell
- Working knowledge of cybersecurity methodologies, frameworks, and standard practices such as CIS, NIST Cybersecurity Framework, CSA, OWASP, and SANS
- Strong critical thinking skills and interpersonal skills; able to communicate technical issues to non-technical staff and leadership
- Must be self-driven, able to work independently while still coordinating with multiple departments
- Ability to multi-task with a calm demeanor and work under pressure in a fast-paced environment
- Ability to thrive in a Start-up culture – for those looking to work hard and develop in a rewarding career with growth opportunities
- Subject to background check per state cannabis requirements