Job Description – Security Solutions Engineer (Grade 2)
Come join a growing team working in a high-impact, mission-critical security environment to keep 84.51° and its client data secure. The successful hire will gain hands-on experience working in a fast-paced company that focuses on big data analysis while working to secure cutting-edge information technologies and platforms. You will get to use the following skills: security tool configuration and deployment, and executing threat analysis on vulnerabilities that are germane to 84.51°’s computing environment.
- Knowledge of: AntiVirus, EDR, Privileged Account Management tool, SIEM, IDS/IPS technologies, and the vulnerability management process.
- To start out with, a major focus of this role is owning and resolving tickets assigned to the Security Solutions queue, managing and responding to the Phishing mailbox, and responding to end users and other IT groups as needed. This role will serve as the main focal point of all Tier 1 escalations from service desk or other IT groups to resolve tickets associated with the Security team’s tools. This also means working with other teams to remediate issues discovered by Security Solutions tools.
- Ability to troubleshoot technical and security related issues.
- Experience with determining appropriate courses of action in response to identified and analyzed anomalous computer or network activity.
- Escalate alerts/tickets to senior members of team for review as needed.
- Participation in security incident handling efforts in response to a detected incident.
- Ability to participate in an on-call rotation. (On-call rotation would be 1 week, every 3 weeks).
- Demonstrated “security mindset” or desire and aptitude to learn and execute “security mindset” on a daily basis in role.
- Desire to learn and take ownership of Security Solution toolsets, such as AntiVirus, the Qualys solution and processes, and Privileged Account Management tools. This means managing and enhancing these solutions to provide better detections and optimization to ensure tools work as designed.
- Self-starter
- Avid learner and ability to work well in a team-based environment
- Maintain awareness of trends of emerging threats that may affect the company’s external and internal business partners in order to help properly secure systems and applications.
- Strong interpersonal skills
- Customer oriented
- Work under direct supervision and/or take direction from other senior members of the team to assist with multiple projects and programs to aid in the completion of projects on schedule for the security team.
- Provide junior to mid-level knowledge and experience within the information security discipline.
- The engineer should also have intermediate knowledge of enterprise IT security best practices, TCP/IP networks, and security architecture best practices and methodology to protect 84.51° assets and intellectual property.
- Provide support for the planning, design, and implementation of information system security solutions, procedures, and policies that help 84.51° achieve its information security goals and objectives.
- Other duties as assigned by manager
A good mix of security engineering and analysis skills is desired. Security engineering means the candidate is able to deploy and optimize the security toolsets noted below. Security analysis skills means the candidate is able to dissect a threat, determine the potential impact to the organization, and recommend a solution to protect 84.51° and its client data. Moderate to proficient skills in a scripting language (Python, PowerShell, Bash shell, etc.) are nice to have, but not necessary.
- Vulnerability management processes.
- Implementation and operation of new security solutions
- Hands-on experience with Web Proxies, IDS/IPS, EDR, SIEM solutions, Vulnerability scanners, and Privileged Account Management tools is desired.
- Knowledge of how to secure Windows systems, Red Hat Linux systems, endpoints, networks and applications
- Knowledge of security best practices and how to apply them within an enterprise computing environment
- Basic to moderate knowledge in security engineering, system and network security, authentication and security protocols, security vulnerabilities and remediation techniques
- Basic to moderate understanding of incident response skills.
- Basic to moderate understanding of the NIST/SANS top 20 critical controls.
- A strong desire to learn. A hunger to consistently hone and grow your security and technical skills. The ability and genuine desire to learn is a must.
- Strong problem-solving and multi-tasking abilities.
- Consistent attention to detail and follow-up skills with internal users, other IT teams, and with vendors.
- Knowledge of Mac and Windows Operating Systems.
- Excellent oral and written communication skills.
- Bachelor’s degree in Computer Science/Information Systems or related area, or equivalent job experience required.
- Must have foundational experience within IT. This means 2-5 years’ experience in 1.) the security space or 2.) as a sys admin 3.) technical support role or 4.) in network administration with desire and aptitude to learn security or 5.) college degree within IT and practical hands-on work experience.
- The following certifications are nice to have but not required: CISSP, any GIAC certification, Security+.
- Moderate experience in the Information Security field including ONE or more of the following concentrations: security analysis/security engineering, application/software security or network security.