We are looking for an enterprise security engineer to join our security team to help us deliver on several key initiatives for the company in the software and security engineering spaces. Through your work, you will dramatically improve our security posture through efforts in the following areas:
* design, build and deploy automation to scale vulnerability discovery efforts
* drive vulnerability remediation across prod, corp, cloud, endpoint and mobile assets.
* provide actionable security guidance to asset owners in an effort to speed up vulnerability remediation
* endpoint hardening of macs, pcs, linux servers, windows servers, network equipment, saas, etc.
* compliance monitoring
* email security
* shadow it identification and remediation
* malware scanning and threat hunting
responsibilities and duties
* fine tuning and maintaining of all security tools
* evaluating new security solutions to identify security gaps and assist in remediation efforts to increase our security posture
* develop and implement security orchestration automation and response (soar)
* timely respond to security events, 0-day and outages
* monitor adherence to standards and recommend improvements as needed
qualifications and skills
* 5+ years of relevant security engineering experience
* up to date with recent security attack vectors and latest security research
* knowledge of edr, web application firewalls, and email security including dmarc/dkim/spf
* ability to operate independently, to learn new concepts and adapt to shifting priorities
* excellent communication skills and ability to communicate with multiple teams at the same time, across different time zones
* familiar with security standards such as nist, cis benchmarks
* industry recognized security certification (cissp, cisa, ceh, etc.)
* experience with threat based defense
* experience building countermeasures based on the kill chain or att&ck framework
* familiarity with operating system internals and hardening
* experience developing, deploying, and configuring security services and tools
* understanding of authentication, authorization, and directory services
#j-18808-ljbffr