Senior Information Security Engineer

Learn what makes QTS a unique place to grow your career!

The Senior Information Security Engineer is responsible for leading the implementation, maintenance, monitoring and management of information security solutions. The engineer delivers these solutions in accordance with the organization’s architectural designs, best practices, and regulatory or compliance requirements. As risks change, the security engineer is responsible for recommending modifications and enhancements to ensure the organization is evolving with the threat landscape.

The Senior Information Security Engineer, while not a management role, is expected to lead and contribute to the corporate security strategy with security leadership and other senior security staff, IT leaders and IT engineers. Recipients of the engineer’s implementations and management include IT infrastructure, application development, security operations, security audit and end users. With an emphasis on securing systems, applications, third-party connections, service providers and ancillary systems, the security engineer is responsible for securing business-to-business initiatives, third-party relationships, outsourced solutions and vendors. Considered a highly knowledgeable individual, the senior security engineer is expected to lead the implementation, monitoring and management of information security solutions that address modern day threats, issues and risks in a rapidly changing threat environment.

RESPONSIBILITIES, Other Duties May Be Assigned

• Handle day-to-day implementation, monitoring and operational support of security solution hardware, software, managed solutions, and service provider relationships.
• Actively participate and lead security team meetings that facilitate secure design, implementation and operation.
• Engage in and lead information security projects that evaluate existing security infrastructure and propose changes as defined by security leadership and architects. Additionally, deliver projects on time, within budget and in accordance with service level agreements (SLAs).
• Assist with security incident response and system stability/availability issues as they occur. This may occasionally include involvement outside of regular work hours, and responsiveness is expected.
• Implement solutions observing compliance –Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), SOC 2, HITRUST, FISMA etc. – and privacy laws.
• Work in tandem with architects, the security analysts, risk/compliance analysts, incident responders (in cases of anomalous activity and host compromise), TechOps and development team members.
• Respond to and handle service and escalation tickets within SLA expectations.
• Develop security test plans from architectural design. Identify deficiencies and make enhancements to ensure production is not impacted.
• Participate regularly in change project and change management meetings.
• Research, validate and deploy solutions meeting security and business needs.
• Follow security engineering fundamentals and processes as defined in QTS documents and industry best practice documents.
• Influence the planning and execution of incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).
• Focus on driving security efficiencies, enabling security team members to work on more advanced tasks.
• Conduct performance testing to stress the limitations of security solutions while at the same time ensuring business innovation and day-to-day processes are not negatively impacted.
• Perform other duties as assigned.
  
  

Basic Qualifications

• At least 10 years experience in cybersecurity, compliance and risk management with a system and/or network security engineering background.
• Highly technical and analytical expertise, with a proven deep background in information technology design, implementation and delivery.
• Experience in Proofpoint
• Extensive experience in securing on premise networks and systems.
• Experience in securing cloud computing technologies, including software, infrastructure and platform-as-a-service, as well as public, private, and hybrid environments.
• Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, end point protection solutions including endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies, 802.1X/NAC, and application controls
• Skilled in vulnerability assessment and penetration testing requirements.
• Excellence in communicating business risk from cybersecurity issues.
• Experience managing or using SIEM systems, threat intelligence platforms, security automation and orchestration solutions, IDS/IPS, file integrity monitoring (FIM), data loss prevention (DLP) and other network and system monitoring tools.
• Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
  
  

Preferred Qualifications

• Proficient with scripting in Python, JavaScript, PowerShell, PHP or Ruby.
• DevOps background with experience in compliance obligations.
• Holds or working toward one or more of the following certifications: SANS GIAC, CCSP, CISSP, Cisco CCIE, AWS Certified Cloud Practitioner or additional AWS advanced certifications such as AWS Certified DevOps Engineer, VMware Certified Professional, Microsoft Azure Security Engineer Certification, Microsoft Identity and Access Administrator.
  
  

Knowledge, Skills, And Abilities

• Experience working collaboratively in a team environment
• Excellent interpersonal skills with the ability to interface with all levels of the organization
• Ability to think strategically and tactically, with effective decision-making skills
• Experience with CyberArk Privileged Access Manager, Cisco ISE, Cisco Secure Network Analytics (Stealth watch) or Palo Alto Networks Threat Prevention.
• Experience with firewall policy creation, maintenance and analysis.
• Experience with security automation solutions (SOAR), especially for firewall policies.
• Experience with Amazon Web Services (AWS) or Microsoft Azure.
• Experience with one or more of the following: ISO 27001, NIST, PCI Data Security Standard (PCI DSS), HIPAA, Health Information Technology for Economic and Clinical Health (HITECH) Act, SOX, the General Data Protection Regulation (GDPR), Center for Internet Security (CIS) standards or Service Organization Controls (SOC) 2.
• Working knowledge of Windows, Linux, Unix, and network device operating systems (IOS, NX-OS, ASA, PANOS, F5, Citrix.
  
  

TOTAL REWARDS

• This role is also eligible for a competitive benefits package that includes: medical, dental, vision, life, and disability insurance; 401(k) retirement plan; flexible spending and HSA accounts; paid holidays; paid time off; paid volunteer days; employee assistance program; tuition assistance; parental leave; military leave assistance; QTS scholarship for dependents; wellness program, and other company benefits.
• This position is Bonus eligible.
  
  

We conform to all the laws, statutes, and regulations concerning equal employment opportunities and affirmative action. We strongly encourage women, minorities, individuals with disabilities and veterans to apply to all of our job openings. We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, sexual orientation, gender identity, or national origin, age, disability status, Genetic Information & Testing, Family & Medical Leave, protected veteran status, or any other characteristic protected by law. We prohibit retaliation against individuals who bring forth any complaint, orally or in writing, to the employer or the government, or against any individuals who assist or participate in the investigation of any complaint or discrimination claim.

The "Know Your Rights" Poster is included here:

Know Your Rights (English)

Know Your Rights (Spanish)

The pay transparency policy is available here:

Pay Transparency Nondiscrimination Poster-Formatted

QTS is committed to working with and providing reasonable accommodations to individuals with disabilities. If you need a reasonable accommodation because of a disability for any part of the employment process, please send an e-mail to talentacquisition@qtsdatacenters.com and let us know the nature of your request and your contact information.