Job Description
Security Engineer
Location : Des Moines, IA| Job Type : Full-time
Do you have a passion for data security? Are you naturally curious, analytical, and detail-oriented? Do you thrive in a collaborative environment and have experience implementing security best practices? If so, our client is looking for a Security Engineer to help safeguard our technology, network, and data.
This role requires a strong technical background and expertise in networking, data security, and IT security administration.
Key Responsibilities
Security Compliance & Monitoring
- Ensure compliance with our client's Information Security Program and security policies.
- Manage and optimize access review processes to ensure proper data and system access.
- Conduct daily monitoring of security tools (SIEM, firewalls, servers, endpoints) to detect and mitigate threats.
- Perform penetration testing annually, analyze results, and recommend remediation strategies.
- Research, deploy, and manage Palo Alto Firewalls to enhance security monitoring.
- Conduct OWASP penetration testing to identify and mitigate application vulnerabilities.
- Provide recommendations based on monthly external security scans and collaborate on remediation plans.
Threat Management & Incident Response
Identify and address potential security risks related to network infrastructure, applications, and data.Investigate security incidents, gather forensic evidence, and support incident response processes.Refine security rules, queries, and filters for SIEM event detection and analysis.Support disaster recovery efforts related to cybersecurity threats.Collaboration & Education
Work closely with IT Operations to analyze scan results, prioritize risks, and implement best practices.Partner with Culture & People teams to educate employees on corporate and IT security policies.Conduct third-party and vendor security assessments to ensure compliance with our client's security standards.Serve as a security subject matter expert (SME) in internal audits, risk assessments, and client meetings.Additional Responsibilities
Ensure PCI compliance and proper security protocols for internet and third-party data access.Enforce the use of antivirus, anti-spam, encryption software, and other security tools.Stay up to date on emerging security regulations (GLB, SOX, etc.) and implement proactive compliance measures.Continuously explore new security technologies and trends to enhance corporate security.Serve as a positive role model by representing our client's security expertise and culture.Perform other duties as assigned.Qualifications
Knowledge & Skills
In-depth understanding of security regulations and corporate asset protection.Strong knowledge of Microsoft Active Directory, Cisco firewalls, Azure, switches, and routers.Expertise in at least two of the following : networking, data security, IT auditing, or security administration.Strong problem-solving and analytical skills to identify security risks and develop solutions.Ability to collaborate and communicate complex security concepts to different audiences.Highly organized with the ability to manage multiple projects and prioritize tasks effectively.Ability to adapt to a fast-paced, ever-changing security landscape.Strong written and verbal communication skills.Availability to work off-peak hours when necessary to address urgent security risks.Education & Experience
Bachelor's degree in Computer Science, Cybersecurity, Information Systems, or a related field (or equivalent experience).Minimum of 6 years of IT-related experience, with at least 2 years in IT security.Certifications
Professional cybersecurity certification (e.g., SSCP, CISSP, CISM) required or must be obtained within one year of hire.
