What are the responsibilities and job description for the Sr. Security Engineer position at Ministry Brands?
Ministry Brands is looking for a Sr. Security Engineer to join our growing team!
Who We Are
Ministry Brands is a leading provider of SaaS operational management systems, payments platforms, digital engagement tools and background screening solutions for faith-based, non-profit and for-profit organizations. We serve more than 95,000 customers as a trusted partner in digital transformation and enablement – advancing missions, driving efficiencies, and building engaged communities for more than four decades. The diverse and real-world experiences of our team members serving their communities makes us stronger together and enhances our ability to advance digital transformation for the greater good.
Ministry Brands is committed to acknowledging and valuing our employee differences and to creating an environment in which every individual’s unique strengths and abilities are developed and valued. Our employees share in the responsibility for creating this environment and demonstrate mutual respect and acceptance in the workplace. We welcome everyone and are dedicated to creating a culture where all our employees have equal opportunity to be heard and reach their full potential.
Available Location: Alpharetta, GA
Hybrid Working: In this role, you will split your time between working at the designated company office in Alpharetta, GA for a minimum of 3 days per week and will work remotely from your home address up to 2 days per week. Any changes to these work locations must follow the appropriate process as outlined in our handbook.
What You'll Do:
As the Security Engineer you will be responsible for executing all phases of the security technology lifecycle including technical requirements, architecture, design, implementation, and monitoring. The Security Engineer possesses an in-depth understanding of current and emerging threats and technology to drive improvement in all technical areas of security including network, data, application, cloud, IAM, mobile and endpoint. Integral to the success of this role is building partnerships across IT, R&D, Product and Business, and strong communication skills, and maintaining an internal and external peer network.
Key Responsibilities:
At Ministry Brands, we recognize that your career is just one important piece of your dynamic life. We offer a robust range of benefit offerings designed to cultivate a lifestyle of balance and personal success.
Robust healthcare options – Options include a plan that is 100% covered by Ministry Brands for employee only coverage as well as a generous HSA contribution by the company. Employees have several healthcare options to choose from in order to find what works best for them.
Flexible paid time off – There is no perfect, one size fits all balance between work and home. We provide flexible work schedules, PTO for vacation, and up to 80 hours of paid sick/safe leave. We also feature 11.5 days of fully paid holidays!
Paid parental leave – Adding a new child to the family is a big adjustment! We provide the time and income to allow parents to adjust to their new normal in the healthiest way possible.
Mental health support – Ministry Brands is a stigma free company with the National Alliance on Mental Illness. Associates are supported through an Employee Assistance Program which provides access to in-person or virtual counseling at no cost.
Professional development reimbursement – Ministry Brands aims to support your professional development and empower you to drive your career by providing financial assistance to our associates seeking to further their education and career.
Employee Recognition & Rewards - At Ministry Brands, we use Nectar to celebrate achievements and strengthen our culture of recognition. This social platform empowers employees to send meaningful kudos, award points redeemable for rewards, and highlight contributions that exemplify our values. Through Nectar, we foster engagement and appreciation while providing tangible ways to recognize great work.
Ministry Brands is proud to be an Equal Employment Opportunity Employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.
Who We Are
Ministry Brands is a leading provider of SaaS operational management systems, payments platforms, digital engagement tools and background screening solutions for faith-based, non-profit and for-profit organizations. We serve more than 95,000 customers as a trusted partner in digital transformation and enablement – advancing missions, driving efficiencies, and building engaged communities for more than four decades. The diverse and real-world experiences of our team members serving their communities makes us stronger together and enhances our ability to advance digital transformation for the greater good.
Ministry Brands is committed to acknowledging and valuing our employee differences and to creating an environment in which every individual’s unique strengths and abilities are developed and valued. Our employees share in the responsibility for creating this environment and demonstrate mutual respect and acceptance in the workplace. We welcome everyone and are dedicated to creating a culture where all our employees have equal opportunity to be heard and reach their full potential.
Available Location: Alpharetta, GA
Hybrid Working: In this role, you will split your time between working at the designated company office in Alpharetta, GA for a minimum of 3 days per week and will work remotely from your home address up to 2 days per week. Any changes to these work locations must follow the appropriate process as outlined in our handbook.
What You'll Do:
As the Security Engineer you will be responsible for executing all phases of the security technology lifecycle including technical requirements, architecture, design, implementation, and monitoring. The Security Engineer possesses an in-depth understanding of current and emerging threats and technology to drive improvement in all technical areas of security including network, data, application, cloud, IAM, mobile and endpoint. Integral to the success of this role is building partnerships across IT, R&D, Product and Business, and strong communication skills, and maintaining an internal and external peer network.
Key Responsibilities:
- Design, deploy, and manage the implementation of multiple information security technologies including end point, application, database, network, cloud, infrastructure, and identity management solutions.
- Proficient in various programming languages (e.g., Python, Powershell, Bash) for scripting and automation.
- Design and deploy technology to support security operations centers including log management, SIEM, vulnerability management, patch management, and forensics tools.
- Lead security assessments, identify gaps in existing security architecture, and recommend changes or improvements.
- Conduct research to identify threats and attack vectors and develop mitigating solutions to manage the risk.
- Support the execution and coordination of application and infrastructure penetration testing.
- Review and document security related change requests and advise management on approval decisions.
- Maintain technical currency and continuously leverage opportunities to strengthen skills and broaden expertise.
- Establish and manage the threat management/intelligence program (including threat modeling, assessment, hunting) to support the Security Operations Center (SOC) and integrate with the risk management functions.
- Assess and investigate security incidents, and work with application and operations teams throughout the investigation cycle to ensure remediation, eradication and lessons learned are rolled back into daily operations.
- Collaborate with cross-functional teams to integrate security into development processes and projects.
- Help identify new exploits, threats, and mitigations for detection engineering and define and maintain domain and enterprise level threat modeling.
- Mentor junior cybersecurity staff in cybersecurity technology, engineering methods and technical process development.
- Document and execute security runbooks and ensure all stakeholders are educated on their roles in the process.
- Passionate about cybersecurity and enthusiastic about helping a purpose driven organization achieve a strong security posture with focus on defense in depth principles.
- Bachelor’s degree or an equivalent combination of education and experience
- 5 years of experience in information security technology
- Current CISSP preferred
- Proficient using Qualys VMDR, EDR, and other Qualys modules for vulnerability scanning, malware detection and response a plus
- SIEM and SOC management and incident / event response.
- Microsoft 365 administration, security and compliance modules
- Proficient using BurpSuite Pro to assess web application security
- Ability to work as an individual with minimal supervision and work as part of a team in larger projects
- Experience in network, infrastructure, cloud and web application security.
- Experience in managing and operating vulnerability/patch management process and tools.
- Strong written and verbal communications skills with the ability to create and present technical recommendations to executive management as well as influence and persuade peers and business stakeholders
- Demonstrate a deep understanding of several cloud concepts and architectures with a focus for how security controls are applied to cloud-based technologies. Example cloud concepts include, but are not limited to:
- Architecture & Networking
- Identity & Access Management
- Secrets and Data Protection
- Logging, Detection, and Response
- Security Controls for Containers (e.g., Docker, Kubernetes)
- Assess and secure cloud projects.
- Deep understanding and implementation of industry-leading practices for cloud security risks using frameworks and standards such as CIS Benchmarks, Cloud Security Alliance, NIST SP 800-144, 800-145, 800-291, and 800-322.
- Demonstrated experience in engineering security solutions including Zero Trust, applications, network infrastructure and data integration/management.
- Demonstrated experience in engineering and implementing large complex security solutions and programs (i.e. SOC, Identity Management, SSDLC, DLP).
- Experience in engineering security for cloud environments (IaaS, PaaS, SaaS) as well as leveraging cloud-based security solutions.
- Experience managing multiple projects of diverse scope and effectively collaborating in a cross-functional team environment.
- Demonstrated knowledge on how business enabling technology (e.g. IoT, A.I.) increases the threat landscape, while understanding how to apply technology and process to mitigate cyber risk.
- Knowledge of risk management processes and experience in conducting risk assessments.
- Ability to automate common tasks in programming/scripting language and strong knowledge of application programming interface (API) interaction methods.
- Experience as an engineer performing incident response and basic forensic analysis.
- Ability to work in a general office environment
- Ability to handle extended periods of computer-based work, including telephone
- Ability to work flexible and long hours, as needed, including outside regular business hours and days
- Domestic and/or international travel required, estimated up to 5%
At Ministry Brands, we recognize that your career is just one important piece of your dynamic life. We offer a robust range of benefit offerings designed to cultivate a lifestyle of balance and personal success.
Robust healthcare options – Options include a plan that is 100% covered by Ministry Brands for employee only coverage as well as a generous HSA contribution by the company. Employees have several healthcare options to choose from in order to find what works best for them.
Flexible paid time off – There is no perfect, one size fits all balance between work and home. We provide flexible work schedules, PTO for vacation, and up to 80 hours of paid sick/safe leave. We also feature 11.5 days of fully paid holidays!
Paid parental leave – Adding a new child to the family is a big adjustment! We provide the time and income to allow parents to adjust to their new normal in the healthiest way possible.
Mental health support – Ministry Brands is a stigma free company with the National Alliance on Mental Illness. Associates are supported through an Employee Assistance Program which provides access to in-person or virtual counseling at no cost.
Professional development reimbursement – Ministry Brands aims to support your professional development and empower you to drive your career by providing financial assistance to our associates seeking to further their education and career.
Employee Recognition & Rewards - At Ministry Brands, we use Nectar to celebrate achievements and strengthen our culture of recognition. This social platform empowers employees to send meaningful kudos, award points redeemable for rewards, and highlight contributions that exemplify our values. Through Nectar, we foster engagement and appreciation while providing tangible ways to recognize great work.
Ministry Brands is proud to be an Equal Employment Opportunity Employer. We do not discriminate based upon race, religion, color, national origin, gender (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity, gender expression, age, status as a protected veteran, status as an individual with a disability, or other applicable legally protected characteristics.