What are the responsibilities and job description for the Security Engineer position at 8900 LBMC, PC?
The Security Engineer is responsible for ensuring that technical and procedural security controls are established and maintained within the organization and comply with a variety of security requirements as well as industry best practices. The position works closely with the Information Security Officer, IS leadership, and team members to implement and maintain security and compliance across LBMC.
The Security Engineer will assist in managing security systems such as various endpoints, network logging, monitoring, physical access methods, and preventive systems as needed. The Security Engineer must focus on continuous improvement of response capabilities through automation and critical thinking. The professional is responsible for scrutinizing malware, targeted attacks, and intrusion detection. The Security Engineer will identify, investigate, and respond to information security alerts. They play an active role in searching through datasets, alerts, and notifications to detect any threats and anomalies. The Security Engineer will help resolve any issues related to network perimeter and security infrastructure devices. They must help resolve Windows and other security vulnerabilities.
The Security Engineer must be able to dissect network, host, memory, and other artifacts originating from multiple operating systems and applications. The engineer will perform enterprise-wide operations to identify any undetected threats. It is the responsibility of the Security Engineer to develop alerting and detection strategies to investigate any unusual behavior. They must develop new defensive techniques to recognize any changes in adversary techniques and tactics.
The Security Engineer must be involved in incident response and investigations. The Security Engineer may suggest tools and techniques to achieve security goals. The Security Engineer may make well-researched security enhancement suggestions to the ISO that meet security standards and protect the organization from possible security breaches.
Essential Responsibilities
- Security Alerts: Review, respond, and remediate where applicable;
- Vulnerability remediation (may also be tasked with vulnerability administration, enhancements, scans, and automation development opportunities);
- Phish campaign monitoring and resolution;
- Analyze security systems and seek improvements on a continuous basis;
- Report possible threats or software issues;
- Research weaknesses and determine ways to counter them;
- Understand software, hardware, and internet needs while adjusting them according to our business environment;
- Assist fellow employees with cybersecurity, software, hardware, or IT needs;
- Carry out and support information security plans and policies;
- Respond to, investigate, and assist in recovery efforts related to a security breach;
- Assist in Security Awareness training development and support;
- Troubleshoot security and network problems;
- Ensure the organization's data and infrastructure are protected by enabling and/or recommending appropriate security controls;
- Participate in and follow the change management process;
- Daily administrative tasks, reporting, and communication within Information Security as well as relevant departments within the organization, as needed or directed;
- Administer, configure, and troubleshoot security infrastructure devices such as Varonis;
- Test new software and firmware, as needed or directed.
Operational Management
- Work closely with IS Engineering, Security Engineers/Analysts, and other IS departments on corporate technology development to fully secure information, computer, network, and processing systems;
- Recommend and implement changes, where appropriate, related to security policies and practices in accordance with changes in local and federal law;
- Creatively provide resolution to security issues/problems in a cost-effective manner;
- Collaborate with the Information Security Officer to establish and maintain systems for ensuring security and privacy policies are met;
- Other security responsibilities as directed by the Information Security Officer.
Other Qualifications
- Minimum of 1-3 years of progressive experience in cybersecurity technology development/engineering, with an emphasis on cybersecurity technology installation projects, administration, development, support, and related security tools/technology implementations;
- Position requires a 4-year degree in Information Systems, Computer Science, Information Security or similar. An equivalent combination of education and experience will be considered;
- For those not meeting the minimum education, additional work-related experience will be deemed equivalent;
- CISSP or related certification is an advantage;
- Strong knowledge of core IT and security infrastructures including Active Directory, Azure AD, Microsoft Windows security controls, SIEM, AV/EDR (specifically Microsoft O365/E5), IPS, PIM, PAM, IAM, Certificate Management, vulnerability scanners, etc.;
- Working knowledge and experience in the following areas:
  - Cloud computing security in Azure/Windows environments, security controls, security capabilities identification;
  - Experience working with Microsoft products and the ability to learn new systems quickly;
  - Experience with Nessus, Sentinel, Log Analytics, M365 Security stack, penetration testing, security patching, AppLocker, etc.;
- Strong verbal and written communication skills required;
- Must be able to handle multiple, simultaneous tasks effectively and efficiently while maintaining a professional, courteous manner;
- Must be able to work well with others;
- Must be detail oriented and organized;
- High integrity, including maintenance of confidential information;
- Must be able to exercise good judgement and positively influence others, including handling confrontations/conflict with poise and efficiency;
- Focus on continuously improving skillset to meet security changes and challenges;
- Based on business need, ability to work a flexible schedule, including some evenings and weekends as approved in advance or as required to support a security issue;
- Regular and reliable attendance required.