Sr. Info Security Engineer - Threat Mgmt

What’s unique about this role?

Primary security engineer for managing the Lighthouse Third-Party Security Operations Center (SOC) platform management as well as leading implementation of key information security initiatives. Works with the rest of the Information Security team to partner across all areas of the organization to drive requirements to plans to ensure security measures are implemented in accordance with Industry Standards and Lighthouse Policy. Effectively works across teams to help educate the workforce on the benefits of security enhancements and emerging threats.

What will this person do?

• Provide technical leadership in the design, implementation, and management of the Lighthouse Incident Response procedures
• Perform threat modeling on Lighthouse applications, processes, and use of third-party services.
• Assess, respond and contain potential and known security events
• Manage penetration testing engagements, including the scoping and remediation tracking efforts on a yearly basis
• Coordinate and rank after-incident projects as related security, including technical and administrative processes
• Oversee analysis of critical systems, document deficiencies, provide run books for mitigation, and deliver root cause analysis for security events
• Proactively apply threat intelligence findings to systems to ensure an improved security posture 
• Maintain security documentation, including standard operating procedures and response guides
• Serve as a key resource across various technical teams to diagnose and troubleshoot complex and/or critical issues with security considerations
• Performs all other related duties as assigned.

Requirements: 

• Bachelor Degree in Computer Science, related field or comparable job experience
• 8+ years of progressive experience with large scale technical infrastructure including on premise, public cloud and/or private cloud
• At least 5 years in an Incident Response / Threat Management role
• CISSP and/or GIAC Incident Response certifications preferred.
• Experience operating highly available, high-volume environments, ideally in a SaaS or commodity website environment using primarily Microsoft based solutions
• In-depth knowledge of security principles as related to infrastructure management 
• Microsoft PowerShell or similar scripting languages a plus
• In-depth experience with Microsoft Active Directory and Entra ID principles and design
• Subject Matter Expert understanding of threat research and real-world risk ranking as related to the business
• Subject Matter Expert level understanding of data and network encryption technologies and VPN
• Subject Matter Expert level understanding of security incident response and threat mitigation, including many threat types and classifications
• Experience with Vulnerability Management platforms such as Rapid 7
• Experience with DevOps platform security, and the ability to work within a CI/CD environment to promote secure practices
• Experience securing systems with restricted data or specific data classification
• Experience with handling security audits and supporting compliance teams
• Experience with system (Desktop/Server) hardening standards (CIS/NIST/FIPS/Etc.)
• Ability to plan, scope and estimate work effort to produce high quality deliverables on time/on budget
• Exceptional interpersonal skills: ability to speak clearly and with authority
• Able to work with diverse teams (national and international) in a collaborative manner
• Intellectual curiosity and the ability to learn new concepts quickly and efficiently
• Act and work both independently and in a team environment

Work Environment and Physical Demands

• Duties are performed in a typical office environment while at a desk or computer table.
• Duties require the ability to use a computer, communicate over the telephone, and read printed material, in a quiet and professional setting.
• Duties may require being on call periodically and working outside normal working hours (evenings and weekends).

Lighthouse celebrates and thrives on diversity and is an Equal Opportunity Employer. We hire, train, and promote regardless of race, religion, color, national origin, sex, disability, age, veteran status, and other protected status as required by applicable law.  We welcome any talents and contributions you can bring to the team and are deeply committed to growing an environment where everyone can feel safe, is respected, and can show up as themselves. Come as you are! 

As required by applicable pay transparency laws, Lighthouse complies with compensation disclosure requirements for roles that may be hired in locations under these requirements. Factors that may be used to determine your actual salary may include a wide array of factors, including: your specific skills and experience, geographic location, or other relevant factors. The salary range for this position may be tailored to be lower or higher in different talent markets.

The expected pay for this role will range from $110,526.50 to $157,895 per year.  This role will be eligible to participate in an annual bonus or incentive program.  

Lighthouse offers a quality comprehensive benefits package including medical, dental, vision, and a 401k with company match.  Company paid benefits also include Life & AD&D, short and long-term disability, telemedicine through 98point6, and other wellness plans.   We offer a generous Flexible PTO program and paid volunteer days.  Employees may also participate in voluntary insurance plans including accident, hospitalization, and critical illness plans as well as pet insurance.  

As a trailblazer and catalyst for change, Lighthouse rises to each opportunity to help our clients and our people do what they do best—shine.