Job Description:
100% Remote

Key Responsibilities:

The Senior Security Engineer serves as a technical lead for the IT Security Team and is responsible for the operation, maintenance, monitoring and implementation of IT security technologies, processes, and procedures. The person in this role will be well versed in the information technology landscape, including security, infrastructure, network, client, server, and emerging technology standards and trends.

The Senior Security Engineer will manage and monitor outsourced security functions; apply expertise in information security and protection systems to eliminate or reduce unauthorized access, disclosure or destruction of data in the care of Jackson Hewitt; assist with investigation of technology security breaches; identify security issues; perform and participate in risk assessments; assist in the identification, development and implementation of security solutions; recommend secure solutions utilizing standard best practice security principles; assist in designing, implementing and measuring required compliance controls; and contribute to the overall security posture of the organization.

Duties/Responsibilities:

Lead the design, review, and implementation of strategic and tactical security initiatives.

Identify significant actual and potential cyber security problems, trends, and weaknesses, and recommend specific modifications and solutions to reduce information systems security risks.

Provide architectural design and coordinate the implementation of security solutions to integrate into the existing network environment. Establish requirements and make recommendations on the appropriate infrastructure protection tools, methods, and technologies.

Develop strategies for responding to future security challenges. Demonstrate effectiveness of the program for implementation on an organization-wide basis.

Review, create and update security policies, procedures, and standards, and present them to management for endorsement. Establish technical or procedural enforcements for pertinent policies within the organization. Facilitate organization-wide communications and institute measures to ensure information security awareness and compliance.

Review new and existing systems, networks, and software designs for potential security risks, and resolve integration security issues across disciplines. Define the scope and level of detail for applicable security plans and policies.

Implement and interpret the requirements of ISO/IEC, PCI, SOX, and HIPAA policies, mandates, and standards. Develop the project plan for the implementation, identify major milestones and activities, and coordinate development and implementation. Develop a plan and methodology for testing and measuring IT compliance.

Act as a key member or representative of the Incident Response Team and possibly participate in the investigation of serious cyber security violations that potentially impact the integrity of Jackson Hewitt's infrastructure. Recommend action for containment and remediation based on findings and follow up to ensure the implementation of corrective actions.

Proactively monitor security infrastructure and tools to ensure reliability and integrity of systems and applications. Develop and implement operational response procedures to maximize visibility, maintain stability and prioritize criticality of identified issues.

Investigate and respond rapidly to identified security incidents. Acquire, analyze, and interpret forensic images, packet captures and logs to accomplish rapid and accurate incident response. Recommend and implement tools, standards, and procedures to facilitate future investigations.

Educate IT team members in security best practices. Collaborate with IT Teams to incorporate security best practices into daily workflows and procedures.

Assist with development and implementation of Security Awareness Training for the entire organization.

Other job duties as assigned.

Education/Experience:

Bachelor's degree with a concentration in Computer Science or Business Administration or equivalent work experience required.

Five (5)+ years' experience (7+ years in lieu of degree) in I.T. Security or related field.

Expert working knowledge of security tools such as Security Event Monitors, Nessus, Wireshark, TCPDUMP, Metasploit and Kali Linux.

Working knowledge of securing Windows and UNIX-based systems.

Proficient in network protocols such as TCP/IP, HTTP/HTTPS, SSH, SSL, SNMP, DNS, and SMTP.

Experienced/Certified in AWS Security, Architecture, and Infrastructure administration a strong plus.

Advanced proficiency in security concepts such as identity management, least privilege, defense in depth and separation of duties.

Advanced proficiency in security technologies such as anti-phishing and vulnerability management.

Working knowledge of common web architectures and related security risks.

Working knowledge of large-scale TCP/IP networks including security risks.

Working knowledge of scripting languages (Python or Perl preferred).

Familiarity with incident response and forensic investigation.

Ability to lead small to medium-sized projects from conception to completion.

Experience writing technical specifications and operational documentation.

Expert-level troubleshooting skills.

Excellent oral and written communication skills and interpersonal skills.

A strong desire to learn while being able to complete tasks in a high-pressure environment.

             
