Job Summary:

The Senior Information Security Engineer specializing in Infrastructure Security is a pivotal role within our organization, responsible for implementing and administering information security policies, practices, procedures, and technologies. This role ensures the protection of networks, systems, applications, facilities, and data. The Senior Information Security Engineer collaborates with various teams to define and enforce security best practices, conduct risk assessments, implement security controls, and ensure compliance with industry regulations and laws. The Senior Information Security Engineer will have an active role in supporting and conducting SOC “Blue Team” operations responsibilities including continuous monitoring, alert analysis and triage, incident response, threat intelligence, and more.

Job Expectations:

• Research, recommend, and implement changes to procedures and systems to enhance data systems security, addressing vulnerabilities found during assessments.
• Advise users on security best practices and recognize potential threats and risks, including intrusion detection and threat mitigation.
• Monitor reports, conduct analysis on internet access, connectivity, and threats.
• Configure and manage firewalls, review vendor solutions, and provide best practices for firewall utilization.
• Automate repetitive tasks by reconciling data from multiple sources and creating scheduled tasks using code.
• Conduct technical information security assessments for networks, systems, applications, and databases.
• Complete internal and external audits for regulatory compliance, working with other business units.
• Participate in audit response management and provide ongoing guidance on achieving and maintaining security compliance.
• Coordinate and conduct Risk Assessments according to client policies and standards, collaborating with the business on risk remediation.
• Support continuous monitoring, incident response, threat intelligence, and other SOC/“Blue Team” responsibilities
• Assist with incident response as events are escalated, including triage, remediation, and documentation.
• Investigate and document events to aid incident responders, managers and other SOC team members on security issues and the emergence of new threats.
• Evaluate SOC policies and procedures and recommend updates to management as appropriate.

Knowledge, Skills, and Abilities Required:

• Strong understanding of security standards and compliance requirements, especially PCI DSS and CIS Center for Information Security Benchmarks.
• Proficiency in intrusion detection systems, firewalls, vulnerability scanners, encryption technologies, and antivirus software.
• Knowledge of identity management processes and project management skills.
• Experience with incident response program management and strategic business process consulting.
• In-depth understanding of IT operational policies, processes, and methodologies related to governance, risk management, and compliance.
• Broad knowledge of security fundamentals and technologies, including operating systems, network security, security event management, business continuity, and identity management.
• Familiarity with LANs, WANs, Microsoft Active Directory, Windows server, desktop operating systems, DD, SQL Server, GWS and other web services.
• Proficiency with Cloud Platforms such as AWS, GCP, Azure, and Alibaba Cloud.
• Bachelor’s degree in related field of study or equivalent work-related experience 
• 4+ years of experience in system, network, cloud security, and risk management.
• Good experience with a wide range of AWS tools, AWS native Security Services, and practical experience with AWS cloud.
• Experience implementing security practices in CI/CD environment – Ansible, Harness, Jenkins, etc.
• Hands-on experience with Python and Infrastructure as Code for cloud environments.
• Excellent problem-solving and analytical skills, with the ability to work independently and make sound judgments.
• Able to identify, troubleshoot, and resolve problems quickly using sound judgment and diplomacy.
• Capable of prioritizing tasks and escalating issues when necessary.
• Adaptable to changing tasks and deadlines, with the ability to work independently with minimal supervision.
• Excellent at multitasking, and open to constant learning
• Experience with Blue Team and/or Red/Purple Team and/or MSSP experience preferred.
• Experience working with SIEM systems, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS)
• Experience with Amazon Web Services (AWS), Microsoft Azure, or Google Cloud Platform (GCP).
• Understanding of AWS services: EC2, VPC, IAM, AWS Systems Manager, etc.

Preferred Qualifications:

• Bachelor’s Degree in Computer Information Systems, Computer Science or equivalent.
• Professional Certifications in related field (OSCP, OSEP, CISSP, CEH, CompTIA Security+, AWS Certifications, GSEC, CCSP, GCIH, etc).
• Knowledge of PCI DSS and e-commerce.
• Strong self-management skills, ability to prioritize workload, and work effectively in a team environment.
• Up-to-date expertise in e-commerce.
• Effective oral and written communication skills.

The duties and responsibilities described above may provide only a partial description of this position. This is not an exhaustive list of all aspects of the job.  Other duties and responsibilities not outlined in this document may be added as necessary or desirable, with or without notice.

#LI-JC1