IT Security Engineer

About the Company
e.l.f. Beauty, Inc. stands with every eye, lip, face and paw. Our deep commitment to clean, cruelty free beauty at an incredible value has fueled the success of our flagship brand e.l.f. Cosmetics since 2004 and driven our portfolio expansion. Today, our multi-brand portfolio includes e.l.f. Cosmetics, e.l.f. SKIN, pioneering clean beauty brand Well People, Keys Soulcare, a groundbreaking lifestyle beauty brand created with Alicia Keys and Naturium, high-performance, biocompatible, clinically-effective and accessible skincare.
We have annual revenues of ~$900 million and our business performance has been nothing short of extraordinary with 20 consecutive quarters of net sales growth as we have grown to #3 mass cosmetics brand in the US and are the fastest growing brand among the top 5. Our total compensation philosophy offers every new hire competitive pay and benefits, bonus eligibility (200% of target over the last four fiscal years), equity given to every full-time employee as a part of their new hire package, flexible time off, year-round half-day Fridays, and a hybrid 3 day in office, 2 day at home work environment. We believe the combination of our unique culture, total compensation, workplace flexibility and care for the team is unmatched across not just beauty but any industry.
Position Summary We are seeking a highly skilled IT Security Engineer to join our team. The ideal candidate will have a strong background in information security, with experience in designing and implementing security solutions to protect our organization's systems and data. The IT Security Engineer will work closely with other IT professionals to identify security risks, develop strategies to mitigate these risks, and ensure compliance with industry regulations and standards. Responsibilities •      Build, deploy, and maintain security technologies to ensure the security and integrity of E.L.F.’s information systems according to the current cyber security program•      Responsible for developing and documenting security related processes and procedures to help secure, mature and/or enhance the security of the environment•      Respond to alerts from security infrastructure tools or intelligence and take necessary actions to remediate or divert the security risk•      Responsible for leading incident response, threat intelligence, and event co-relation for a broad set of technologies under the cyber security program•      Work closely with management and technical staff to resolve complex security matters and incidents•      Thorough understanding of the latest technologies, security principles, and protocols•      Review new and current vendors or partners security audits and practices to ensure good security standards•      Collaborate with other digital teams to ensure that security measures are integrated into all aspects of our technology infrastructure•      Strong knowledge of networking protocols and security best practices•      Tune security events and co-relation from applicable security products and sources•      Perform network traffic analysis, host behavior analysis, PC forensics, kill chain, windows event analysis etc. to effectively detect and protect company assets•      Produce a monthly security operations dashboard with key performance indicators (incidents, metrics, security threats, intelligence etc.)•      Provide security awareness training to employees to promote a culture of security within the organization•      Act as a lead staff resource for cloud and infrastructure security-related projects and initiatives Requirements: •      Bachelor’s degree in Information Technology or Information Security or substantial work experience required•      Must have 3+ years of hands-on building and working knowledge of various security technologies (Network Firewalls, VPN, NAC, EDR/MDR, File Integrity Management, IPS/IDS, Application Firewalls, Vulnerability Management, Email Protection, Internet Security, SSO/MFA, SIEM Logging & Monitoring, ATP, and DLP)•      Experience with risk assessment and incident response procedures•      Strong knowledge of networking protocols and security best practices•      Experience of Cloud and IAM security (Azure, AWS, GCP, Okta, etc.)•      Good knowledge of scripting skills (Python, PowerShell, etc.) for security automation•      Ability to work and lead on multiple projects simultaneously•      CISSP or CISA or GIAC desiredThis job description is intended to describe the general nature and level of work being performed in this position. It also reflects the general details considered necessary to describe the principal functions of the job identified, and shall not be considered, as detailed description of all the work required inherent in the job. It is not an exhaustive list of responsibilities, and it is subject to changes and exceptions at the supervisors’ discretion.
e.l.f. Beauty respects your privacy. Please see our Job Applicant Privacy Notice (www.elfbeauty.com/us-job-applicant-privacy-notice) for how your personal information is used and shared.