Senior Security Engineer
State College, Pennsylvania, United States
Minitab
Spot trends, solve problems & discover valuable insights with Minitab's comprehensive suite of statistical, data analysis and process improvement tools.Act as a technical subject matter expert for the department regarding information and cyber security technologies and landscape. Perform software security tasks of a highly complex nature which require extensive research and analysis. Assume project and technical leadership roles across the department.
Responsibilities
- Perform a digital footprint analysis, classifying assets and their sensitivity levels. Define, harmonize, centralize, and manage the security logging and monitoring practice across customer facing products and development infrastructure. Monitor and manage suspicious activity. Prioritize and fine-tune settings and recommend hardening techniques to move issues towards resolution.
- Evaluate, test and implement new security technologies and/or tools that enhance detection and response capabilities. Install and configure firewalls, SIEMS, and endpoint security software. Stay up to date on the latest emerging security technologies and how they might impact or be leveraged for the security of Software Development products and systems.
- Assume a leadership role and drive consensus in educating teams regarding security strategy, landscape, protocol, and technologies. Collaborate with team members to identify key security gaps and areas for improvement. Conduct training sessions and workshops for team members and employees to raise awareness about security threats. Assist with the high-level architectural design of software products as it relates to software security.
- Anticipate, audit and act as a critical business continuity team member. Assist in real-time security incident handling to ensure efficient mitigation and remediation efforts, minimizing risk and impact to the company. Work closely with teams to ensure that learnings are used to make development’s internal systems and products more secure and resilient to future attacks.
Qualifications
- Bachelor's degree in Cybersecurity, Computer Science, IT, or a closely related discipline or equivalent experience.
- Deep knowledge of cloud security principles and tools including SIEMS, intrusion detection and prevention systems, log analytics, Microsoft Defender, Azure Sentinel and Azure DevOps.
- Experience managing application or DevSecOps “Blue Team” security programs.
- Proven experience in application security, including threat modeling, secure coding, and vulnerability management.
- Strong understanding of web application architectures, technologies, and protocols.
- Familiarity with industry standards and frameworks such as OWASP, ISO 27001, and NIST.
The following is also desirable:
- Information/Cyber Security certification such as CISSP or CompTIA+.
- Experience with source control systems such as Team Foundation Server or Git.
- Ability to discover and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond).
- Experience with standard web application security tools such as Arachni, Brakeman, and BurpSuite.
- Familiarity with security best practices for Kubernetes based cloud applications.
- Experience using an agile development process.
Minitab is an equal opportunity employer
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Agile Analytics Application security Azure Blue team Burp Suite CISSP Cloud CompTIA Computer Science CSRF DevOps DevSecOps Endpoint security Firewalls Intrusion detection ISO 27001 Kubernetes Monitoring NIST OWASP Security strategy SIEM SSRF Strategy Vulnerabilities Vulnerability management XSS
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Senior Product Security Engineer jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Information Security Specialist jobs
- Open Senior Cyber Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Cyber Security Specialist jobs
- Open Product Security Engineer jobs
- Open Cybersecurity Analyst jobs
- Open Security Specialist jobs
- Open Chief Information Security Officer jobs
- Open Staff Security Engineer jobs
- Open Manager Pentest H/F jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open Consultant SOC / CERT H/F jobs
- Open IT Security Analyst jobs
- Open Senior Information Security Engineer jobs
- Open Cybersecurity Consultant jobs
- Open IT Security Engineer jobs
- Open Senior Penetration Tester jobs
- Open Cybersecurity Specialist jobs
- Open Security Operations Analyst jobs
- Open Sr. Security Engineer jobs
- Open Security Consultant jobs
- Open CISM-related jobs
- Open Windows-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open Agile-related jobs
- Open Application security-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open ISO 27001-related jobs
- Open Threat intelligence-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Security assessment-related jobs
- Open Malware-related jobs
- Open Java-related jobs
- Open APIs-related jobs
- Open Security Clearance-related jobs
- Open Forensics-related jobs
- Open SaaS-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open IDS-related jobs
- Open DevOps-related jobs
- Open DoD-related jobs