IT Security Engineer

AmeriSave Mortgage Corporation is searching for a Security Engineer. This is an exciting opportunity to grow your career with a forward thinking company. The Security Engineer works as a member of the Information Security team to assess distributed security issues and propose and manage the implementation and operation of controls and solutions that reduce risk and/or meet compliance needs. The Security Engineer works with a variety of controls, systems and business associates. 
At AmeriSave, we're one team with one shared dream - to be the best. We’re dedicated to building an inclusive culture where employees are empowered and supported to do their best work - whether from home or in the office. 
Why AmeriSave? What you'll find at AmeriSave is that we don’t just set you up for success, we set you up to WIN. Team members are provided with cutting edge origination software, CRM, marketing automation, data reporting / analytic software, and leading mortgage application technologies to help make more deals happen. Our culture at AmeriSave is casual and fun, and we offer competitive compensation and benefits.
AmeriSave is the company you’ve been waiting to work for! 

Responsibilities

• Administer and monitor AMC/MMS security tools, and related infrastructure, in order to protect systems from attack, unauthorized users, and malware.
• Stay abreast of industry best practices in penetration testing and ethical hacking techniques and integrate new methods and tools as appropriate.
• Monitor publications of security advisories and assess criticality of vulnerabilities and vendor patches and notify applicable groups of the vulnerabilities, mitigations, and resolutions.
• Collaborate with the internal customers of Info Security to develop and implement strategies to balance security recommendations, compliance requirements, and business needs. 
• Monitor change control processes, and other changes outside the change control process, to ensure that security measures are maintained as changes occur.
• Conduct information security risk assessments as a service throughout the company. 
• Perform security audits of off-the-shelf and custom applications and infrastructure. Handle requests, cases and tickets related to security.
• Conduct and participate in the design development, testing, implementation and operation of security plans, products and control techniques. 
• Provide guidance and technical support for security initiatives such as virus and malicious code protection, operating systems (Linux, Solaris, and Windows), database, and security incident response support.
• Document Information Security guidelines, procedures, and technical standards.  Create and maintain documentation related to security and compliance for the company. 
• Collaborate in security policy development.
• Investigate security-related events, situations, and incidents. 
• Identify and determine causes of security violations and recommend corrective actions to ensure data security.
• Provide mentorship, training, and guidance to other team members.  Back them up when they are unavailable.
• Participation in On-call rotation coverage
• Other tasks as assigned.

Requirements

• Bachelor’s degree in Computer Science, Engineering, or related major (or 4 additional years of relevant experience in lieu of degree)
• 5 years information technology experience, including 2 years focused on Information Security
• Extensive experience providing IT services to internal groups with excellent internal service
• CISSP, CEH, CISA, or CISM certification preferred
• Expert knowledge of Information Security best practices and security and privacy controls
• Strong foundation and in-depth technical knowledge in computer security, cloud security, vulnerability management, network security, cryptography, and/or similar fields
• Expertise in facilitating Information Security risk assessments for major processes, systems and projects
• Proficient English verbal and written communication skills
• Strong interpersonal skills, including the ability to influence, facilitate, consult and guide to desired end results through effective non direct team leadership.
• Basic project management skills essential to track milestones and validate project progress.
• The ability to work effectively with internal and external clients, management, staff members, vendors, and consultants
• Results oriented, high energy, self-motivated
• Strong judgment and analytical ability
• Proficiency in application, infrastructure, and Information Security IT auditing
• Expert knowledge of system vulnerabilities and exploits
• Skilled with administration, configuration, and operational best practices for Cloud Security, VPNs, Firewalls, Routers, UNIX systems, Intrusion Detection, and Windows systems


AmeriSave is an equal opportunity employer. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

California Consumer Privacy Act Disclosure AcknowledgmentEmployment Applicants, New Hires, and Employees Residing in California
AmeriSave Mortgage Corporation’s California Consumer Privacy Act Policy Statement (“Policy”) can be reviewed here: www.amerisave.com/privacy-policy.   
When AmeriSave’s Human Resources Department makes future requests for personal information, the same Policy is applicable. By applying, you understand this acknowledgment covers current and future personal information requests. You also acknowledge the business purpose of the personal information collected and that future requests may occur while applying for a position at AmeriSave and/or during employment, if applicable.