The Security Engineer will be an integral member of the CPI Security IT Operations and InfoSec Team. This role will lead security implementation initiatives, diagnose and respond to IT security incidents, and use tools to provide the highest level of data security to CPI. This position will work closely with the Operations team to ensure current and future infrastructure operations are meeting Security established standards. Finally, this role will work closely with the App Dev team to ensure that developers are using the best security practices across the entire stack.
Essential Functions
- Work closely with teams to ensure that systems and networks are secure, compliant with applicable regulations, and protected against unauthorized access and other security risks.
- Identify vulnerabilities and potential threats, conduct risk assessments, develop and implement security solutions to mitigate risks.
- Incident response, security monitoring, and security policy development.
- Leverage senior engineering expertise and knowledge to gain deeper insights into the intricate and highly technical aspects of cybersecurity.
- Work across multiple teams to ensure data security is maintained across all departments, including auditing multiple types & levels of access.
- Maintain the highest level of data governance available, including both Data-in-Motion & Data-at-Rest.
- Perform routine penetration tests to assess the strength and resilience of the system.
- Perform rotating scheduled patching and firmware updates.
- Monitor and analyze security logs and events and respond to security incidents in a timely manner.
- Provide expert technical expertise and guidance to Operations and Network Engineering teams to ensure that security controls are effectively implemented and maintained.
- Stay up to date on the latest security threats, technologies, and industry trends, and provide recommendations for improving security posture.
- Provide training and awareness programs to educate employees and users about security best practices and procedures.
- Perform routine employee awareness tests, such as phishing campaigns.
- Offer support to the Operations team as required.
Knowledge, Skills and Abilities Required
- Team player who works well with business customers and colleagues at all levels.
- Willing to work weekends and after hours when needed.
- Work effectively both independently and in a team environment.
- Ability to read, analyze, and interpret general business rules, technical procedures, or process documentation.
- Ability to proficiently create and maintain technical and process documentation.
- Ability to write reports, business correspondence, and procedure manuals.
- In-depth knowledge of best practices for on-premises and cloud security.
- Ability to investigate and resolve with problems that arise with minimal details.
- In-depth knowledge of all Microsoft Server and VMWare products.
- Powershell and batch scripting experience.
- In-depth working experience with corporate security.
- Excellent attention to detail.
Other Experience Required
- At least a bachelor’s degree in computer science, information systems, or a related field
- 7+ years of recent experience as a Sr System Admin/Engineer with Windows server administration, VMware vSphere Suite administration, virtualization equivalent or system administration equivalent experience.
- Comprehensive knowledge of Windows Server platforms, Linux, and VMWare.
- Proven experience developing, operating, and maintaining security systems.
- In-depth knowledge of security protocols and principles.
- Experience with multiple security and data governance tools
- Must be familiar with 2-factor authentication (SSO), SAML and policy agents.
#LI-JL1
