Principal Security Engineer

Job Locations US-MA-Wilmington
Posted Date 1 week ago(1/9/2022 7:19 PM)
Job ID
2021-2528
Organization
Cloud Ops / Security / IT

­

As part of the Security Team, this individual is responsible for leading security efforts focused on the corporate environment, both on-premise and in the cloud. This includes the design, implementation, operation, management, and monitoring of our security solutions designed to identify threats, protect the organization, and respond accordingly. Key focus areas are securing corporate assets, threat and vulnerability management, incident management and response, and supporting business needs with new ventures. This role will also help champion Security's message across the company by leading security awareness initiatives.

­

Responsibilities:

  • Strategic / Consultative
    • Provide enterprise security expertise and guidance around security issues and recommend solutions to mitigate and eliminate risk to TraceLink information assets
    • Contribute to the development and enhancement of policies and procedures aligned with ISO 27001 and other industry standards, frameworks, and best practices
    • Drive security awareness program
    • Review security capabilities and proactively work to identify and implement new capabilities
    • Evaluate and recommend new and emerging security products and technologies
  • Tactical
    • Understand attacker methodology and defend against them by threat hunting, building detection mechanisms, and automating remediation procedures
    • Conduct security assessments of on-premise and cloud environments to ensure security gaps are identified and implement remediation actions
    • Implement/enhance reporting to ensure comprehensive visibility of issues
    • Respond to security incidents; partner with other teams as needed to resolve
    • Drive improvements to design and operational effectiveness of security controls
    • Maintain current standard operating procedures, controls documentation, and configuration management
    • Maintain detailed documentation of enterprise security solutions and technical security standards
    • Create and deliver security awareness materials, execute internal phish testing

­

Requirements:

  • Minimum 8 years of relevant experience, including the following:
    • 3+ years directly driving security initiatives
    • 3+ years supporting and maintaining security tooling such as vulnerability management, EDR, EPM/PAM, DLP, SIEM, etc.
    • 2+ years architecting and engineering security solutions
    • 1+ year in automation engineering
  • Expert knowledge and experience with security concepts and tooling for securing, monitoring, auditing, and testing on-premise and cloud infrastructure
  • Advanced knowledge of system security vulnerabilities and remediation techniques
  • Advanced knowledge and experience with securing Windows, macOS, and Linux environments
  • Experience performing penetration testing
  • Experience with open source tools for security management, monitoring, and analytics
  • Experience developing programs to accomplish complex tasks using a modern scripting language (e.g., PowerShell, Python, etc.)
  • Experience with the application of threat modeling or other risk identification techniques
  • Excellent analytical, reasoning, and problem-solving skills with good knowledge of tools and techniques for anticipating, recognizing, and resolving technical problems
  • Excellent verbal and written communication skills, including executive-level presentations
  • Success with relationship building and working cross-functionally

 

Preferred:

  • Experience deploying in Public Cloud Services (AWS preferred)
  • CCSP, CISSP, CISA, CEH, SANS Security, or other industry and vendor-specific security certifications
  • Bachelor's degree in Computer Science, Information Systems Security, or related field, or equivalent experience

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed