Information Security Engineer

We’re obsessed with growth. From enabling companies to flourish, to helping careers bloom.  SupportNinja was founded in 2015 to help companies solve for scale and connect them with a wider world of talent. Our vision is to show the world a better way to grow by developing the best people, implementing the latest technology, and challenging the status quo.  SupportNinja is a new kind of BPO. Our vision is to show the world a better way to outsource by developing the best people, implementing the latest technology, and challenging the status quo. SupportNinja helps fast-growing tech companies by providing around-the-clock outsourced support, lead generation, customer service and community management.  As a Ninja, you are guaranteed a culture dedicated to our core values: Employee Focused, Always Be Humble, Improve Everyday, Compassionate Candor, and Collectively Bring Joy.
 The Information Security Engineer will be responsible for designing, implementing, monitoring and managing security measures to protect our systems and sensitive information. The ideal candidate should have a strong background in cybersecurity, hands-on experience with security and monitoring tools, and a proactive approach to identifying and mitigating potential threats. The Information Security Engineer will work closely with cross-functional teams to ensure the confidentiality, integrity, and availability of data, while also identifying and mitigating cyber risks.

What does a day in the life as an Information Security Engineer look like?

• Regularly check security systems, such as firewalls and intrusion detection/prevention systems, for any signs of abnormal/unusual activity.
• Identify and assess vulnerabilities in the network, including scanning for weaknesses and applying patches or configurations to address them.
• Respond to and investigate security incidents, such as breaches or suspicious activities, to minimize damage and prevent future occurrences.
• Configure and manage security devices, ensuring that firewalls, routers, and switches are set up to protect the network effectively.
• Keep systems up-to-date by applying security patches and updates to address vulnerabilities.
• Contribute to the design and implementation of secure network architectures, considering factors like segmentation and secure communication.
• Monitor and manage systems to detect and prevent unauthorized access or malicious activities within the network.
• Analyze logs generated by security systems to identify patterns, anomalies, or potential security threats.
• Monitor and manage antivirus and EDR solutions to ensure all endpoints are protected against malware and other security threats.
• Monitor and manage endpoint protection tools, including settings for firewalls, intrusion detection/prevention, encryption solutions, Mobile Device Management (MDM), Data Loss Prevention (DLP) and other security features.
• Analyze phishing attempts and educate users.
• Monitor endpoints for compliance with security policies and standards, taking corrective actions when necessary.
• Enforce security policies and best practices throughout the network, aligning them with organizational security requirements.
• Maintain documentation related to network security configurations, endpoint security configurations, policies, and incident response procedures.
• Work closely with other IT teams, such as IT Systems and Network Teams to ensure a holistic approach to security.
• Stay informed about the latest cybersecurity threats, technologies, and best practices through ongoing training and professional development.
• Perform other duties as assigned

What are the required qualifications for an Information Security Engineer?

• 3-5+ years of IT network and endpoint security experience with a strong understanding and proven experience of SIEM tools, Active Directory management, vulnerability scanning, EDR/XDR tools, patch management, backup and recovery, IPS/IDS, encryption, network traffic analysis, etc.
•  Strong analytical and problem-solving skills, with the ability to assess and respond to complex security incidents.Experienced with SOC/cybersecurity principles, practices, and risk management
• Familiar with the tools and knows how to assess the logs and threats
• Continuous learning and a proactive approach to staying updated on emerging cyber threats and security best practices.
• Strong communication skills, both verbal and written.
• Flexible to work schedule
• Amenable to work onsite whenever needed but rare

Nice-to-have qualifications:

• Experience in the call center environment
• Familiarity with industry standards and regulations, such as NIST, ISO 27001
• Certifications such as CISA, CISSP, CISM, or CEH are highly desired

Ninja Perks and Benefits*Full time employees●     Competitive compensation●     Adherence to government-mandated benefits●     Retirement Savings Program with Company Matching●     Life Insurance●     HMO on day 1●     Paid time off, birthday leave●     Bonus and incentive plans●     Opportunities for skills training and personal and professional development●     Beautiful office space●     Free lunch provided daily●     Employee Referral Program  Experience infinite fun so you can have infinite growth. Discover A Better Way to Grow! Are you ready? Disclaimer:The duties and responsibilities listed above describe the post as it is in general terms and are not definitive. The post holder is expected to accept any reasonable alterations that may from time to time be necessary. SupportNinja is proud to be an Equal Employment Opportunity employer and we do not discriminate based upon race, religion, color, national origin, gender, sexual orientation, gender identity, gender expression, age, veteran status, disability, or other applicable legally protected characteristics under federal, state, or local law.