Information Security Specialist III - Security Engineer
The Information Security Specialist III – Security Engineer is a technical expert concerned with the security controls and tools associated with multiple security domains. With a focus on physical, virtual, and cloud network operations, the Security Engineer envisions, designs, specifies, implements, monitors, and improves upon those controls, ensuring alignment with governing standards (NIST, ISO27001) and compliance with regulatory requirements (SOC, PCI, CCPA). The Security Engineer also fosters automated integration and interoperability across multiple vendors’ security appliances; this integration is not just between those appliances that are deployed within Freedom Financial Network production systems, but also between those internal devices connected to outside parties.
Responsibilities and Duties – As a tier III professional, you are expected to have expertise in at least 3 of these security engineering domain areas:
- Cloud Security: Responsible for working with DevOps and Infrastructure teams to analyze and maintain existing structure or create new, secured, cloud environments. A thorough understanding of securing Kubernetes, VPCs, IaaS, PKI, KMS, scripting, APIs, automation tools such as Terraform, and platforms such as AWS, GCP, or Azure.
- Network Security: Responsible for Firewalls, IPS/IDS, Proxies, URL Filtering, IP Whitelist/Blacklisting, Geo-fencing, DDoS protection, VPNs, NAC, posturing systems, and other security technologies for both physical and cloud operations.
- VMware System Security: Responsible for working with Infrastructure teams to analyze and maintain existing structure or create new, secured, virtual environments. Knowledge of the VMware stack, Horizon, Workspace One, and NSX required.
- System Security: Responsible for working with Infrastructure teams to analyze and maintain existing structure or create new, secured, domain environments. A thorough knowledge of Microsoft domains, including Active Directory, Azure AD, DHCP, DNS, Kerberos, Group Policy, Scripting, Patch Management, Endpoint Management, AV & EDR Tools, FIM tools, SNMP/WMI/Syslog management and monitoring.
- SIEM/SOC Security: Responsible for SIEM tools feeding SOC operations, including ongoing management, tuning, alert thresholds, initial investigation and validation of threats, and building functional reports to relay threat analytics to stakeholders in a digestible format.
- Incident Response & Forensics: Accountable for Incident Response handling and forensics using appropriate methodologies to acquire and preserve evidence in a manner consistent with legal requirements for admissible evidence. Ability to perform root cause/post-mortem analysis.
- Web Application Security: Responsible for driving security initiatives in the development environment through collaboration with developer teams. Requires knowledge of automated and manual testing tools, API Security, OWASP remediations, working with repositories & branches, Agile & CI/CD methods, writing security stories, and being able to provide technical explanations for both the threat and the remediation to developers. Familiarity with Java, PHP, and Go is a plus.
- Offensive Security: Responsible for proactive threat hunting and penetration testing of all environments, documentation and reporting of findings, and working with other teams to assist with remediation and re-testing.
Qualifications and Education Requirements:
- The desire to LEARN and GROW as part of a TEAM
- Bachelor's degree preferred
- 5+ years of enterprise security experience
- Ability to effectively manage your time and communications.
- Ability to identify problems, analyze data, present conclusions, and drive changes effectively
- Knowledge of frameworks, standards, and best practices (e.g., NIST, OWASP, PCI, ISO, COBIT)
- CCIE/CCNP Security, CISSP, CEH, CISM or similar certifications
- Critical Thinking -- Using logic and reasoning to identify the strengths and weaknesses of alternative solutions, conclusions or approaches to problems.
- Active Listening -- Giving full attention to what other people are saying, taking time to understand the points being made, asking questions as appropriate, and not interrupting at inappropriate times.
- Writing -- Communicating effectively in writing as appropriate for the needs of the audience.
- Skilled at communicating and prioritizing threats and vulnerabilities to a diverse audience, and able to confidently express and assist with proper remediation methods