IT Security Operations Engineer

MAIN PURPOSE OF THE JOB:

As the IT Security Operations Engineer, you will play a crucial role in the analysis, design, implementation, and ongoing management of security controls. The IT Security Operations Engineer is responsible for maintaining the confidentiality, integrity, and availability of our information assets, safeguarding against emerging threats and vulnerabilities. This role involves managing complex projects, spearheading continuous improvement initiatives, and implementing innovative technologies and methodologies to maintain robust cybersecurity defenses against evolving threats.

You will contribute to steering Viant to face future cybersecurity challenges. Leveraging your strong technical expertise to develop, deploy, and implement innovative solutions that enhance reliability, scalability, and our security posture. By aligning IT Security with business objectives, you will ensure the uninterrupted production of medical devices.

Additionally, you will have the opportunity to work with every site and department within Viant, fostering personal growth and professional development through diverse interactions and projects. As an associate within Viant IT, you will embody and promote Viant values, ensuring that you operate with integrity, accountability, and a commitment to excellence. You will play a crucial role in contributing to the overall success of Viant as a whole.

KEY RESPONSIBILITIES AND DUTIES:

• Act in alignment with the core values of the company, demonstrating agility, teamwork, leadership, ownership, customer focus, and integrity in all actions.
• Provide support outside regular working hours to ensure Viant’s security and address urgent issues when required to support business operations.
• Engage actively in company-wide and site-specific projects aimed at continuous improvement of processes.
• Analyze and assess the effectiveness of existing security controls, policies, and procedures.
• Design, implement, and configure security measures to enhance the protection of Viant's IT environment.
• Conduct ongoing analysis of emerging threats and vulnerabilities, providing proactive recommendations for control improvements.
• Design, implement, and continuously improve Zero Trust security controls, focusing on identity, device posture, least privilege, and continuous verification.
• Own the end‑to‑end vulnerability management lifecycle, including discovery, prioritization, remediation tracking, and risk acceptance.
• Correlate vulnerability data with asset criticality, exploitability, and business impact.
• Collaborate with internal teams and external vendors to ensure the operational efficiency of security controls.
• Configure and manage intrusion detection systems, network forensics, and endpoint security solutions.
• Independently evaluate and enhance security controls to ensure alignment with industry best practices and organizational goals.
• Provide expertise in the development and execution of disaster recovery controls.
• Conduct regular internal security audits to assess compliance with established controls.
• Monitor and respond to cybersecurity incidents, working alongside the Security Incident Response Team in incident response activities.
• Safeguard sensitive information and adhere to applicable regulations and policies.
• Lead post-incident analysis to ensure accurate root causes of incidents are identified, appropriate preventive actions are realized and tracked, and to reduce the likelihood of future cybersecurity events.
• Manage physical security controls and manufacturing systems.
• Contribute to the development of cybersecurity reports and business technical guidance.
• Stay informed about cybersecurity trends and contribute to the development of the Viant security strategic plan.
• Collaborate with the IT Security Manager on cybersecurity risk management and vendor risk management.
• Work closely with the Security Team on identity access management and user access control.
• Collaborate with relevant stakeholders for 3rd party cybersecurity audits, penetration testing, and vulnerability assessments.
• Maintain and update documentation related to security procedures and configurations.
• Maintain knowledge of Viant corporate IT policies and Viant privacy policies.
• Report any security incident or suspected security incident to the Viant Security Incident Response Team.
• All other duties as assigned.
  
  

POSITION REQUIREMENTS:

Knowledge/Education:

• Bachelor’s degree in information security, Cybersecurity, or a related field required
• Security required
• Microsoft 365 certifications preferred
• CISSP preferred
  
  

Job Experience:

• 7 years of system administrator experience required
• 4 years in IT Security Operations experience required
• 3 years of manufacturing experience preferred
• Preferred prior experience working from home with designed work area and high-speed internet connection
  
  

Skills/Competencies:

• Ability to work effectively in a fast-paced team environment as well as independently.
• Resourcefulness in handling unexpected challenges.
• Must have excellent time management skills with the ability to work independently with little supervision.
• Highly self-motivated, enthusiastic, who has the ability to understand and take the “big picture” into account
• Strong aptitude for working with technology, ability to learn and absorb innovative technologies quickly.
• Proven capability in managing multiple tasks simultaneously and prioritizing time efficiently.
• Demonstrated understanding of fundamental critical thinking concepts, with a proven ability to apply these principles to effective problem solving.
• Proven documentation skills including policies and procedures.
• Pro-active in identifying potential issues with a proposed process or systems change.
• Advanced understanding of cybersecurity principles, protocols, and best practices.
• In-depth working knowledge of networking, firewalls, routing, switching, and wireless technologies.
• Experience with intrusion detection systems, network forensics, and endpoint security solutions.
• Configuring, managing, and utilizing SIEM for security event monitoring, log correlation, and incident detection. 
• Expertise in designing, configuring, and managing security controls.
• Ability to conduct proactive research on emerging security threats and vulnerabilities.
• Strong analytical, problem-solving, and troubleshooting skills.
• Capacity to work independently and as part of a team in a fast-paced environment.
• Proven experience in coordinating with counterparts in a distributed organization.
• Stay up-to-date with the latest developments in cybersecurity.
• Microsoft 365 Services (Entra, Intune, Security, Compliance, Endpoint, Purview)
• Hands‑on experience with Zero Trust concepts, identity‑centric security, and conditional access controls.
• Practical experience securing Azure and/or AWS cloud environments.
• SPF, DKIM, DMARC understanding
• Active Directory hardening
• Endpoint hardening (Windows, Linux, IOT, Mobile)
• Network IDS, IPS, secure wireless standards
• Disaster Recovery design, planning, implementation, and testing
• Ransomware protection
• EDR/XDR experience
• Penetration Testing
• Endpoint encryption
• Identity Threat Protection
• Data Loss Prevention
• Backup immutability and air gapping
• Privileged Access Management
• User Access Controls
  
  

Travel:

• Up to 25% of the time or as needed
  
  

We offer market competitive compensation. Potential salary range for this role is $100k-$130k. Actual pay will be determined based on experience, qualifications, geographic location, and other job-related factors permitted by law.