Security Engineer

The Security Engineer provides enterprise operational, administrative and project support for the Information Security department whose purpose is to ensure the integrity of Information Systems assets and to protect systems from unauthorized access or destruction. This role includes, but is not limited to: network security, systems security, IT policy, security solutions, incident response, monitoring, reporting, and general Information Technology concepts.

The Security Engineer will perform technical analysis, installation, maintenance & modification of systems and software. Monitor, analyze and report on performance of systems. Participate in security solution implementations, incident response & remediation for identified incidents, participate in the development of policies, standards, procedures for the general operation of the InfoSec Team. This is a full-time position that requires availability from 8:00am to 4:00pm MST, Monday through Friday.

Essential Functions

• Perform security assessments and threat hunting campaigns to identify potential security risks in all aspects of the business including technical implementations (applications or equipment) as well as IT or business processes.

• Assist in the development and delivery of end user security awareness training, effective reporting, as well as performance metrics.

• Train and mentor team members as well as non-team members in the global IT environment of security best practices and methods.

• Risk Management and Reporting both written and oral

• Identification of potential security risks in all aspects of the business including technical implementations (applications or equipment) and IT or business process

• Stay up-to-date with emerging cybersecurity threats and trends and provide recommendations to mitigate them.

• Participation in internal and third-party audits of the company's IT security policies, procedures, as well as operational duties while leading any remediation efforts that may be identified as a result of an audit.

• Conduct research and analysis and/or develop recommendations related to public security breaches.

• Develop automation and playbooks to improve process and response to security actions

Do you have experience in Research?, * Minimum of three years of experience performing triage/incident response in enterprise environments

• Minimum of three years of experience performing forensic analysis of logs and packet captures to identify malicious artifacts

• Excellent written and oral communication skills

• Strong understanding of automation and playbook creation

• Security certificates recommended, but not required similar to CompTIA Security+, CySA or Network+

• Strong research background and an analytical approach, especially with respect to event classification, event correlation, and root cause analysis

• Ability to follow through with projects to completion both individually and in a group

• Demonstrates key competencies to include and ensures accountability, drives results, and self-development

• Experience with PowerShell and Python

Closing Statement