Security Engineer

About the RoleThe Information Security team is responsible for the oversight and execution of the Enterprise's Information Security, Business Continuity and Risk Management programs to support our business goals. This includes, but is not limited to security operations, vulnerability and patch management, incident response, disaster recovery, business continuity, risk identification and mitigation planning / implementation, identity management, network security, privacy, and compliance.The position of Security Engineer will report to the Director, Security Architecture and will focus on deploying and managing security tooling to reduce the attack surface across our entire environment. In this role, you will be responsible for selecting, implementing, and managing the tools that identify, monitor, and mitigate vulnerabilities in our infrastructure, applications, and endpoints. You will work closely with engineering and operations teams to ensure that our security toolset is continuously improving and effectively reducing the organization's exposure to cyber threats.This position is ideal for someone with a deep understanding of security tools, vulnerability management, and attack surface reduction strategies, as well as experience in automating security workflows.Responsibilities: Tool Selection and Implementation: Research, evaluate, and implement security tools and technologies designed to reduce attack surfaces across the organization. This includes vulnerability management tools, endpoint protection platforms, network monitoring systems, and cloud security solutions. Attack Surface Reduction: Leverage security tools to proactively reduce the attack surface by identifying vulnerabilities, misconfigurations, and areas of risk within our environment, and implement mitigating actions. Tool Integration & Automation: Develop automation scripts and integrate security tools into existing workflows to improve operational efficiency, reduce human error, and ensure continuous monitoring and mitigation of vulnerabilities. Security Monitoring: Continuously monitor the performance and effectiveness of deployed security tools, ensuring that they are configured optimally to detect and respond to emerging threats and vulnerabilities. Vulnerability Management: Collaborate with cross-functional teams to manage and prioritize vulnerabilities detected by security tools. Work with engineering teams to ensure timely patching, remediation, and secure configuration of systems. Data Correlation & Analysis: Use tools to gather and correlate data related to attack surface exposure, identifying trends, anomalies, and potential areas for improvement. Provide regular reports to stakeholders on attack surface reduction progress and areas of concern. Incident Response: Support the incident response team by leveraging security tools to investigate, identify, and mitigate vulnerabilities or weaknesses that may have been exploited during an attack. Documentation & Reporting: Document tool configurations, processes, and procedures to ensure repeatability and maintainability of attack surface reduction initiatives. Provide regular reports and metrics to leadership on the status and effectiveness of security tools. Continuous Improvement: Stay up-to-date on the latest security trends, vulnerabilities, and new tools that can enhance attack surface reduction efforts. Recommend improvements and new technologies to continuously evolve the security program. Requirements and Qualifications: Bachelor's degree in Computer Science, Information Security, or a related field. 4+ years of experience in an Infrastructure or Security Engineering role. Hands-on experience with security tools such as vulnerability scanners (e.g., Nessus, Qualys, OpenVAS), cloud security tooling (e.g. Wiz, Prisma cloud), as well as cloud native security tooling within Azure and AWS. Strong experience in configuring and integrating security tools with on-premises estates (e.g. Data centers) and multi-cloud environments (AWS, Azure, GCP). Knowledge of automation tools and scripting languages (Python, Bash, PowerShell, etc.) to automate workflows and integrate security tools. Experience assessing and hardening Kubernetes environments. Experience integrating DevSecOps tooling into development pipelines to improve the security of internally developed software as well as Infrastructure as Code. Networking technology proficiency (firewall configuration and maintenance, DNS, traffic analysis). Microsoft 365 (E5), Azure, and AWS experience. Experience in implementing enterprise-wide vulnerability management solutions, including container-based vulnerability management. Possession of or ability to obtain professional certifications in information security or risk management, such as a CISSP, CISM, or Microsoft / Azure Security Certifications. Self-starter who demonstrates strong ownership of their domain. Interpersonal and collaborative skills and the ability to communicate security and risk-related concepts to technical and nontechnical audiences. High level of personal integrity, and the ability to professionally handle confidential matters. Natural passion for security and strong drive to see both projects and investigations to completion. It is impossible to list every requirement for, or responsibility of, any position. Similarly, we cannot identify all the skills a position may require since job responsibilities and the Company's needs may change over time. Therefore, the above job description is not comprehensive or exhaustive. The Company reserves the right to adjust, add to or eliminate any aspect of the above description. The Company also retains the right to require all employees to undertake additional or different job responsibilities when necessary to meet business needs. Must be legally authorized to work in the United States without the need for employer sponsorship, now or at any time in the future. Benefits & Perks: Time Off: 25 days of PTO for full-time employees and 12 company holidays. Company Paid Benefits: Life insurance, Short-term disability, Long-term disability, Paid parental leave, Employee Assistance Program, and medical insurance in our high deductible health plan. Optional Employee Paid Benefits: Medical insurance in our EPO plan, Dental benefits, and Vision benefits. We also offer Health Savings Accounts, Flexible Spending Accounts, Supplemental Life insurance, and more. 401(k): Eligible after 60 days. Discretionary company match of 50% up to the first 6% of contributions. EQUAL OPPORTUNITY EMPLOYER ALCORITY IS AN EQUAL EMPLOYMENT OPPORTUNITY EMPLOYER. THE COMPANY'S POLICY IS NOT TO DISCRIMINATE AGAINST ANY APPLICANT OR EMPLOYEE BASED ON RACE, COLOR, RELIGION, NATIONAL ORIGIN, GENDER, AGE, SEXUAL ORIENTATION, GENDER IDENTITY OR EXPRESSION, MARITAL STATUS, MENTAL OR PHYSICAL DISABILITY, AND GENETIC INFORMATION, OR ANY OTHER BASIS PROTECTED BY APPLICABLE LAW. THE FIRM ALSO PROHIBITS HARASSMENT OF APPLICANTS OR EMPLOYEES BASED ON ANY OF THESE PROTECTED CATEGORIES.#J-18808-Ljbffr

Created: 2025-01-14