Security Engineer

  • Full Time
  • Remote
  • 186

Website Paylocity Paylocity

The Security Engineer is responsible for managing and enhancing IDS/IPS and web application firewalls. They will be managing projects to enhance the security orchestration and automation and will work closely with infrastructure and system operations teams to help keep our networks secure. The role will work to enhance our security initiatives and will have responsibility for escalated incidents and overseeing configuration changes and enhancements.

Are you the teammate that we are looking for?

Who you are:

  • Passionate about information security and privacy
  • An evangelist regarding the importance of information security
  • Well versed in security issues affecting financial service organizations as well as widespread data center operations, such as cloud and mobile technology solutions
  • Committed to an ongoing partnership with other high profile groups within the organization (e.g. software development, infrastructure) to insure information security objectives are being understood and embraced
  • Established presence within information security communities
  • Ability to anticipate problems and recommend decisive action
  • Excellent communication skills (both written and oral)
  • Ability to work collaboratively across the organization
  • Values their role as an advisor and business enabler more than their role as a rule enforcer
  • Self-driven, creative, and resourceful

How we work:

  • Casual, collaborative environment which embraces and operates under our shared principles
  • Complete transparency with open, honest discussions about our progress
  • Close working relationships across all areas of the organization
  • Focus on outcomes and learning

What we offer:

  • A strong commitment to Information Security both financially and organizationally
  • An existing talented and passionate Information Security team
  • The chance to meaningfully contribute to a vast market opportunity
  • A collaborative environment where our security team is empowered to help steer the direction of the team
  • A place to contribute your security knowledge company-wide through forum panels with our product development team
  • Annual training allowance to learn new things and bring it back to the team.
  • Flexible remote work schedule

What you bring:

  • Bachelor’s Degree in InfoSec, Computer Science, or a related preferred
  • Minimum 5 years of IT experience involving firewalls, patch management, vulnerability scanning, packet sniffers, intrusion prevention, and SIEM
  • Must have experience tuning WAF configurations (preferably F5 BIG-IP ASM) and SIEMS (e.g., ArcSight, AlienVault, Splunk, Elastic Stack, etc.)
  • Experience collecting data from multiple sources and consolidating results into analytic models, alerts, and reports
  • Experienced meeting corporate security policies and regulatory requirements
  • Solid understand of NIST Cybersecurity framework
  • Well versed in incident response processes and experience with deploying security agents across the enterprise
  • Experience with cloud based technologies (AWS, Azure, etc.)

Strongly prefer a relevant security certification such as:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • GIAC Security Expert (GSE)
  • GIAC Systems and Network Auditor (GSNA)
  • Computer Security Incident Handler (CSIH)
  • GIAC Certified Incident Handler (GCIH)
  • GIAC Certified Forensic Analyst (GCFA)
  • Certified Ethical Hacker (CEH)

During the last three months, you would have:

  • Enhanced and optimized DLP tool sets
  • Worked collaboratively with IT and Software Development to continually improve our security posture
  • Assisted with identifying new tools and automation in support of security operations team
  • Ensured that we monitor for and analyze cyber threats on a regular basis as part of a comprehensive program to reduce our risk exposure to an acceptable level
  • Evaluated security threats, assess the potential impact to the business, and implement strategies to detect and generate alerts on security incidents
  • Determined what data traffic should be logged and/or monitored to correlate and quickly assess security events
  • Applied business intelligence to analyze data from logs and monitoring to produce meaningful alerts and reports for potential security incidents
  • Analyzed data collected to determine if there are any security anomalies that require further action, and if so classify and document the incident, escalate significant security incidents
  • Provided situational awareness during significant security incidents through clear and concise communication to appropriate personnel
  • Provided input on emerging threats to executives to update our corporate risk analysis
  • Evaluated and recommend new security technologies, processes and methodologies
  • Understood and stayed current with the critical threats to our IT infrastructure and SaaS applications by continually analyzing cyber threat intelligence sources and techniques utilized by cybercriminals
  • Promoted a proactive approach to addressing the changing threat landscape by recommending and implementing architectural improvements to security infrastructure (including security event and discovery/detection tools including firewalls, IDS/IP, SIEM, and other systems)
  • Provided Incident Response leadership, triage, discovery, technical resolution, and inter-team communication during any
  • security event

To apply for this job please visit www.paylocity.com.

Please mention you found this job on infosec-jobs.com to help us get more companies to post here 🙂

Scroll to top