Information Technology Security Engineer

About the role 

The Information Security Engineer is responsible for providing administration support of several security technologies. These responsibilities include day-to-day support of various security hardware/software applications, monitoring and alerting to security threats, and assist in facilitating the remediation of those threats. The Information Security Engineer provides services and support across a diverse range of business applications, while adhering strictly to compliance and operational risk controls in accordance with regulatory standards, and PRO Unlimited policies and practices. The position requires a good degree of technical proficiency and familiarity with software, system and network security issues in large enterprise environments.

What You Will Do

• Provide assistance to support, maintain and monitor multiple security technologies, such as vulnerability scanning solutions, IDS/IPS, anti-virus technologies, DLP capabilities, SIEM technologies, web application firewalls, m365 and Cloud technologies (Azure, AWS).
• Work on company security project initiatives.
• Assist in the assessment of security information, triaging and responding to security events, identify false positives, and conduct correlation analysis across numerous internal and external data sources while prioritizing information security incidents.
• Provide assistance in the handling and resolution of security incidents, to include system intrusions and abuse and acts as a primary point of contact.
• Participates in development and implementation of information security policies and procedures.

• Assist in the enforcement of data security practices within the corporate systems environments; tests for exposures to ensure adherence to guidelines and procedures, and works with platform experts to implement remedial measures as appropriate.

• Participates in special projects concerning information security, including testing and implementation of security technology enhancements. Maintains standard operating procedures to reflect day-to-day security operations.
• Tests security controls and manages the associated remediation of any deficiencies as needed.
• Assists in developing responses to internal & external audits, penetration tests and vulnerability assessments.
• Performs other duties as assigned REQUIRED.

Preferred Qualifications

• Minimum 7 years’ experience in IT with at least 3 of the years working security issues.
• Hands on experience with mitigating security controls (i.e., anti-virus, IPS/IDS, DLP, web and network proxies, multi-factor authentication, etc.) and how they work in an overall defense in depth risk assessment methodology.
• Experience with cloud solutions (Azure/AWS).
• Experience in vulnerability management and remediation.
• Good understanding of network, workstation, and server security configuration.
• Experience supporting information security design concepts, including testing and implementation of security technology enhancements.
• Experience with regulatory compliance regulations (PCI, SOC, etc.)
• Experience with Security Standards (ISO, NIST, etc.)
• Must be able to effectively interact with other teams across the organization.