Information Security Engineer

Overview

This organization provides a dynamic and supportive environment where employees can grow both personally and professionally. With modern facilities and a strong focus on innovation, the company offers opportunities to collaborate on impactful projects that advance the electrification of heavy-duty transportation and equipment.

The company’s commitment to innovation extends beyond its technology to its people. It strives to create an inclusive environment where individuals feel valued, supported, and empowered to contribute bold ideas that drive meaningful change. Employees benefit from competitive total-rewards packages and ongoing professional development opportunities.

Position Overview: Information Security Engineer

The Information Security Engineer will play a key role in developing, enhancing, and executing the organization’s information security operations. This role involves maintaining and implementing IT security systems to protect corporate, manufacturing, cloud, and IoT environments from cyber threats.

Key responsibilities include leading incident response and escalation activities with the security operations center, managing vulnerabilities, and contributing to the creation and improvement of security policies and procedures. The role will also conduct and lead risk assessments, support internal and external security assessments and audits, and assist in evaluating, configuring, and deploying new security technologies and tools.

About the Role – You will:

• Identify and analyze potential threat activity targeting client networks via monitoring systems, alerts, vulnerabilities, SIEM tools and network traffic and respond for immediate remediation.
• Work with cross functional teams to support security requirements to protect organization’s corporate, manufacturing, cloud and IoT environments from cyber-attacks.
• Oversee and maintain existing security tools as well as overall enterprise security systems that include network and/or host-based intrusion detection systems, anti-virus/advanced EDR, SIEM/event correlation, file integrity monitoring, full packet captures, computer forensics, encryption, vulnerability management, data loss prevention and application scanning.
• Responsible for the coordination and actions needed for remediation generated by incident reports and manufacture recommended patching and hotfixes.
• Identify and analyze potential threat activity targeting client networks via monitoring systems, alerts, vulnerabilities, SIEM tools and network traffic and respond for immediate remediation.
• Work with cross functional teams to support security requirements to protect organization’s corporate, manufacturing, cloud and IoT environments from cyber-attacks
• Oversee and maintain existing security tools as well as overall enterprise security systems that include network and/or host-based intrusion detection systems, anti-virus/advanced EDR, SIEM/event correlation, file integrity monitoring, full packet captures, computer forensics, encryption, vulnerability management, data loss prevention and application scanning.
• Responsible for the coordination and actions needed for remediation generated by incident reports and manufacture recommended patching and hotfixes.
• Assist Crowdstrike Falcon Complete team in remediation of critical information security incidents in coordination with 3rd party SOC team.
• Implement and maintain security controls and have a suitable knowledge of existing cyber threats to infrastructure and clouded environments.
• Participate in scheduled security assessment activities and projects to ensure industry compliance.
• Initiate and maintain Security Incident Response Plan (SIRT) and After-Action Reports (AARs) to maintain operational continuity
• Identify, analyze and interpret threat actors and malicious activity in client environments act upon and take the appropriate actions towards remediation and documentation.
• Differentiate between potential intrusion attempts and pinpoint false alarms by working with EDR, Identity Protection and NextGen SIEM to develop resolution plans.
• Perform 3rd party vendor assessments and fulfill our security assessments requirements
• Triage and respond to security events - serve as a primary responder for incidents, taking ownership of incidents and tracking through resolution.
• Performs other related duties as assigned.

Your Experience Includes:

• 5 years of related information technology infrastructure experience with identity and access management [IAM], SSO solutions including (SAML 2, OAuth 2, OIDC).
• Some experience in securing enterprise networks, including firewalls, VPNs, intrusion detection/prevention systems (IDS/IPS), and secure network protocols (e.g., IPsec, SSL/TLS) heavy emphasis in SaaS apps such as Crowdstrike Falcon Complete, Netskope DLP, Nessus Tenable and asset management platforms such as Axionus.
• Overall Knowledge of endpoint protection technologies (e.g., anti-malware, EDR, DLP), and experience in managing and securing workstations, mobile devices, and servers.
• Have participated in penetration testing, vulnerability assessments, and red teaming exercises.
• General understating of industry standards, compliance, and legal requirements (ISO 27001, FedRAMP, NIST 800-171, NIST 800-53, SOC2, etc.)
• Excellent trouble-shooting abilities in software and hardware and be able to lead outage calls and trouble-shooting conversations until resolved and provide detailed root cause analysis reports.
• Above average understanding in vulnerability reporting using Saas platforms such as Nessus Tenable.

Education:

• Bachelor's degree in computer science, Information Security, Electrical Engineering or Management Information Systems preferred. Equivalent years of consecutive IT security experience with recognized industry certifications may be considered.

Certifications:

CISSP, CASP , SSCP , or other relevant security certificates

Certified Ethical Hacking (CEH) CISSP, CISA

Network , Security , Linux or combination of similar certificates acceptable.