InfoSec Engineer

*Please read carefully before applying.*

*No C2C or 3rd parties please.*

Information Security Engineer

Fully Remote, 8-5pm EST

Manufacturing Company – East Coast

120-140K base 15% bonus

Job Summary:

Manufacturing company seeking an Information Security Engineer to join its cyber security organization of 30 defending IT systems for a 5K person company. You’ll be part of the Cyber Security Operations team and serve as an Engineering SME in 2 major cyber security areas such as: Vulnerability Management, CASB, SIEM, EDR, XDR, SIEM, IPS/IDS etc. Expertise in one of the following tools is preferred: Netskope, CrowdStrike Falcon, Palo Alto Cortex. As the Engineer you’ll be responsible for product evaluation, creating POC’s, deploying, integrating, and configuring security tools. Secondarily, you’ll also have responsibility for Incident response. Private, family-owned company culture - very stable business model – company that promotes career growth for internal employees. Fully remote role. 8-5pm EST.

Must have:

• Minimum 5 Years’ Information Security Engineer
• SME in 2 of the following security areas:
• CASB – Netskope (preferred)
• EDR/EPP – CrowdStrike Falcon
• XDR – Palo Alto Cortex
• Vulnerability Management
• SIEM
• NAC
• DLP
• IPS/IDS
• Encryption
• Authentication
• Firewall
• Strong Networking skills, LAN/WAN, Intranet, Internet, VPN, VMware, VDI, PKI

Primary responsibilities include:

• Provide technical engineering security expertise for company-wide projects, implementing security standards and baselines, and researching advancements in all security technologies that would benefit secure business growth.
• Lead vulnerability management program working closely with the patching team to limit the vulnerability attack surface.
• Be or become the lead SME for various security tools including CASB, the Vulnerability Scanning Suite, EPP, etc to maintain and improve the functionality of our security tools.
• Investigate, recommend, and assist with implementing security solutions that provide detection, prevention, containment, and deterrence mechanisms to protect and maintain the integrity of data and network resources.
• Define security product requirements, conduct research, evaluation, testing, configuration, and implementation, to include identify management, access control, and intrusion prevention solutions.
• Ensure guiding procedures for incident response are in place, effective and up to date, to include periodic computer incident response team (CIRT) activation to validate response procedures.
• Use process management tools to track information about security systems administration requests and security events.
• Track, generate and provide effective reporting for use by system administrators, business leadership and end-users; recommends and implements an effective event correlation solution that analyses the output from these and other security tools in a cost-effective manner.
• Author security system and application processes for both operation and management, including as-build service configuration documents.

The ideal candidate should possess the following:

• Minimum 2 years of experience running security solutions on network/security engineering/security operations.
• Knowledge of IT security controls - firewalls, SIEM platforms, NAC, CASB, DLP, IPS/IDS, encryption, authentication, tokenization, XDR/EDR tools and desktop virtualization security.
• Working knowledge of the following technologies: Microsoft OS for Workstations/Servers , UNIX, firewall multi-layer design and implementation,, WANs, LANs, internet, intranets and network protocols (i.e., VPN, TLS, SSH, SFTP, TCP/IP, etc.), security assessment tools, vulnerability scanners, intrusion prevention systems, VMware, VDI, encryption, public key infrastructure (PKI).
• Experience with cloud security solutions
• Experience working with Palo Alto Firewalls Suite (certification highly preferred).
• Broad knowledge of network security practices, designs, methodologies, tools, and processes.
• Comprehensive knowledge of network architectures, equipment, and designs.
• Knowledge of vulnerability scanners and how to successfully implement and maintain an enterprise patching program.
• Security risk assessment skills.
• Working knowledge of information security-related technologies and products
• Bachelors’ Degree or Equivalent Experience in Computer Science, EE, Data Network Security Architecture and Design.
• Proven abilities to analyze security risks, provide remediation recommendations and create comprehensive security documentation.