The Senior Security Engineer will lead security technical engineering for AAA Northeast overall infrastructure and services, and work to automate processes related to security implementations, monitoring, and enforcement. The selected candidate will also lead security operations and systems including intrusion detection/prevention, firewall administration and implementation, securing services, and securing host systems against external and internal exploits; provide security consulting to AAA initiatives and use their expertise in risk and threat management to provide guidance and validate security controls on the various projects, and support the compliance efforts of the AAA Northeast.
Act as a mentor to the rest of the Info-Sec team to raise the understanding of security threats and how to best mitigate them in the environment.
Work with the IT Security Specialist to maintain the Club certifications and ensure that the relevant security controls are in place and documented.
Remain up-to-date on all current infrastructure risks and threats to an enterprise, including viruses, denial of service attacks, information theft, and any new compromises to the global internal security architecture. Provide a leadership role for technical support in maintaining, tuning, and extending the security infrastructure as required by the needs of the Club.
Assist the Director of IT Security in evaluating security posture and security preparedness against the latest global threats to ensure AAA Northeast is not compromised or breached in any way.
Identify and evaluate potential security related solutions which could be used to increase the security posture of the club.
Interface with the user community and other members of Information Technology to understand and facilitate security needs. Based on individual skills perform other job or technology related duties.
Bachelor degree in Computer Science, Business Analytics, or other related fields, or 6-8 years of relevant experience.
7 Relevant experience including building and maintaining a corporate security infrastructure.
5 Windows and Linux operating systems, with a working understanding of web application technology
CISSP certification preferred
Experience with designing secure networks, systems, and application architectures in on premise, private cloud, and public cloud environments
Excellent understanding of network, systems, and cloud security protocols, concepts, and implementations
Experience with risk assessment tools, technologies, and methods
Experience with endpoint security solutions, including file integrity monitoring and data loss prevention
Experience with current identity and access management controls and solutions, including Active Directory, and single sign-on solutions
Experience with network security solutions, including firewalls and VPNs.
Experience with various operating systems (Unix, Windows, Mac)
Experience with compliance frameworks (NIST, ISO, PCI-DSS) and regulations.
Excellent troubleshooting and problem-solving skills
Ability to learn new technologies quickly while applying relevant security concepts
Applicable security certifications desired
Hands on experience automating security tools for monitoring, response, and testing. Scripting and programming experience (python, powershell, and bash)