Senior Security Engineer

Primary Responsibility:

This role will assist in evaluating, creating, and implementing security standards, processes, and procedures related to access control, application security, cloud security, endpoint security, and network security. Duties include assessing security issues to propose and manage the implementation and operation of controls and solutions that reduce risk and/or meet compliance needs.

Essential Functions:

Performs information security risk assessments of internally developed solutions and cloud-based solutions and services by partnering with business teams to identify secure solutions to business problems, working with the Infrastructure Team to deploy strategic security projects from end-to-end, reviewing network configurations to implement segmentation following secure best practices, investigating, documenting, and assisting with implementing security best practices for both corporate and warehouse environments, and implementing security technology solutions for prevention of unauthorized access and detection of security events.

Responds to possible security breaches by collaborating with appropriate leaders to identify, recommend, and develop risk remediation plans, and evaluating vendor security controls to ensure continued security compliance with Interface standards.

Supports multiple security technologies and platforms both on premise and cloud based by reviewing security technology and process standards and policies based on business needs and requirements, and maintaining knowledge of current and emerging security, compliance, and technical developments.

Promotes security best practices via awareness, example, and compliance with policies and regulatory requirements.

Performs other duties and responsibilities as needed, as assigned, or as requested.

Qualifications & Preferred Experience:

Two (2) years demonstrated information technology experience with focus in areas such as systems, network, mobile, and/or application security, designing and implementing information security and network security architectures, or demonstrated experience with administration, design and implementation of security controls including experience in applying methodologies and principles for all levels of security.

Bachelor s Degree (Information Technology) or equivalent degree with an information security emphasis preferred, or equivalent relevant experience.

Experience with security technologies such as cloud security (AWS, Azure, CASB), data security (DLP, Encryption, FIM/FAM, SIEM, etc.), endpoint security (AV, HIPS, MDM, Patching, etc.), network security (firewalls, IPS, NAC, WAF, etc.), access control (MFA, PAM, SSO, etc.), or other relevant technology.

Knowledge & Employment Standards:

Demonstrated knowledge of project management practices sufficient to coordinate and administer multiple initiatives within stated timeframe(s).

Demonstrated oral and written communication skills sufficient to organize and present technical issues and concepts to various levels of management, including those with non-technical knowledge and understanding.

Demonstrated negotiation and persuasion skills, analytical skills, and leadership skills sufficient to navigate differences of opinion and varying priority needs necessary to coordinate project completion between many different levels of management and various types of staff.

Demonstrated knowledge of various industry security standards and organizations necessary to maintain knowledge of current trends, contacts, and security enhancements.

Familiarity with one (1) or more types of information security frameworks such as ISO 27000 series, CIS Controls, NIST 800-171, or other similar technologies.

Demonstrated ability to apply time-proven, generally accepted security management methodologies, concepts, and techniques in the application and conclusion of implemented security solutions.