Security Engineer II
The Security Engineer II will focus on the application of engineering principles to the design, implementation, and maintenance of security measures to protect an organization's information systems and data. These roles involve assessing vulnerabilities, developing security protocols, security monitoring and incident response, security development lifecycle activities, enterprise identity governance and administration, platform deployment and management and deploying technologies to safeguard against cyber threats, ensuring the integrity, confidentiality, and availability of information assets.
The Security Engineer II plays a critical role in supporting security solutions across the enterprise. This position is a second level role requiring an expanded foundational understanding of security engineering and software development practices to support security initiatives, ensuring secure architecture for workloads, and learning industry best practices. This person will complete testing or troubleshooting work to protect the organization’s technology environments and respond to emerging threats, vulnerabilities, and compliance requirements.
Job Will Remain Open Until Filled
The Company is one of North America’s leading sales and marketing agencies specializing in outsourced sales, merchandising, category management, and marketing services to manufacturers, suppliers, and producers of food products and consumer packaged goods. The Company services a variety of trade channels including grocery, mass merchandise, specialty, convenience, drug, dollar, club, hardware, consumer electronics, and home centers. We bridge the gap between manufacturers and retailers, providing consumers access to the best products available in the marketplace today.
Responsibilities
Supports assigned activities for small projects that potentially have an exceptional impact on the long-term growth of the company throughout the entire lifecycle
Learns, documents, and tests technical security standards and best practices to ensure compliance with security policies, guidelines, standards, controls, and governance
Reviews and assists with testing and documenting security designs
Support the Cyber Defense team by assisting in gathering evidence and tracking tasks
Understands key features for at least one product in the security portfolio
Develop an understanding of the latest security technologies, trends, and threats
Qualifications
Education Requirements: Bachelor’s degree (Degree in Cybersecurity, Computer Science or related field preferred)
Experience Requirements: 2–4 years experience in relevant field (Security Engineering or Cyber Defense experience preferred)
Travel requirement: No travel requirements
Supervisor Responsibility
Direct Reports: This position does not have supervisory responsibilities for direct reports
Indirect Reports: Does not have direct reports, but may delegate work of others and provide guidance, direction and mentoring to indirect reports
Required Knowledge and Skills
Broad, practical knowledge of securing cloud platforms such as public cloud providers
Advanced knowledge of cloud-native security services
Broad, practical knowledge of compliance standards such as ISO 27001, NIST, CIS, GDPR, and SOC2, and experience implementing governance policies
Broad, practical knowledge of security architecture principles and best practices, particularly in network defense, endpoint security, and cloud security
Broad, practical knowledge of cloud security services and tools like IAM, encryption, network security, firewalls, and logging/monitoring solutions
Familiar with common cloud security tools, able to automate straightforward tasks, and begins to identify areas for improvement in security processes by incorporating simple automation
Broad, practical knowledge of firewalls, intrusion detection/prevention systems (IDS/IPS), and endpoint protection solutions
Familiar with key regulatory frameworks, able to independently align security activities with compliance requirements, and supports audits with minimal guidance
Broad, practical knowledge of cloud network security and encryption methodologies
Able to provide assistance to cross-functional teams in risk management, incident response, and compliance activities
Strong communication skills, with the ability to communicate information that may involve explanation or interpretation within the department
Ability to think critically and make risk-based decisions in high-pressure environments
Working knowledge of conducting vendor security assessments and able to identify standard security risks in vendor contracts
Able to analyze and assess straightforward risks and recognize common incident patterns
Capable of identifying common new threats, applying updated practices with some guidance, and adjusting response strategies in familiar scenarios with limited supervision
Broad, practical understanding of Privilege Management, Application Control, Antivirus, Endpoint Detection and Response, File Integrity Monitoring, Intrusion Detection/Prevention Systems, logging/monitoring, and other commonly implemented enterprise security technologies
Broad, practical knowledge of network protocols such as TCP/IP, DNS, HTTP/HTTPS, BGP, OSPF, and SNMP
Environmental & Physical Requirements
Office / Sedentary Requirements: Incumbent must be able to perform the essential functions of the job. Work is performed primarily in an office environment. Typically, requires the ability to sit for extended periods of time (66%+ each day), ability to hear telephone, ability to enter data on a computer and may require the ability to lift up to 10lbs.
Additional Information Regarding Job Duties
Job duties include additional responsibilities as assigned by one’s supervisor or other manager related to the position/department. This job description is meant to describe the general nature and level of work being performed; it is not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required for the position. The Company reserves the right at any time with or without notice to alter or change job responsibilities, reassign or transfer job positions, or assign additional job responsibilities, subject to applicable law. The Company shall provide reasonable accommodations of known disabilities to enable a qualified applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by law.
The above statements are intended to describe the general nature and level of work being performed by people assigned to this position. They are not intended to be an exhaustive list of all responsibilities, duties, and skills required of associates so classified. The Company is committed to providing equal opportunity in all employment practices without regard to age, race, color, national origin, sex, sexual orientation, religion, physical or mental disability, or any other category protected by law. As part of this commitment, the Company shall provide reasonable accommodations of known disabilities to enable an applicant or employee to apply for employment, perform the essential functions of the job, or enjoy the benefits and privileges of employment as required by law.
Software Powered by iCIMS
www.icims.com