Security Engineer

Columbus, OH, United States

Security Engineer

Precise Resource, Inc. is a leading privately held Woman Business Enterprise specializing in Executive Search and HEAD-HUNTING services for Fortune 500 clients across the United States. One of our more prestigious clients has asked for our assistance in seeking a

Security Engineer.

Our client’s brand, located in over 500 stores across the US, stands as a beacon of modern fashion, offering various apparel and accessories across multiple platforms.

We seek someone to play a pivotal role in safeguarding our client’s digital assets and as a key player in maintaining a comprehensive corporate-wide information security program, ensuring that our critical information is established and maintained.

Serve as a trusted advisor to various LOBs, leveraging your expertise to craft robust security controls and protocols. You need a deep understanding of security concepts, proficiency with cutting-edge tools such as anti-virus software and intrusion prevention systems (IPS), and mastery of essential programs like vulnerability management, incident management, identity & access management, and data loss prevention.

Your responsibilities will encompass the full spectrum of security operations, from designing and implementing robust infrastructure to providing ongoing support and monitoring. Moreover, you'll play a pivotal role in ensuring compliance with industry regulations such as Sarbanes-Oxley and PCI, safeguarding our organization's reputation and integrity.

Key Responsibilities:

Conduct thorough control and vulnerability assessments utilizing advanced tools and methodologies to identify weaknesses in existing security controls and propose remedial actions.

Employ sophisticated techniques to analyze current and emerging threat landscapes, providing insights to drive strategic security initiatives.

Implement robust monitoring mechanisms to ensure adherence to security policies and facilitate enforcement within the IT ecosystem.

Act as the coordinator for SEIM activities, leveraging tools like Splunk to perform log analysis and malware investigations.

Collaborate closely with IT leadership and business stakeholders to define precise metrics and reporting frameworks, effectively communicating security program successes and progress.

Conduct comprehensive evaluations of outsourced vendors providing critical information security services, ensuring strict adherence to contractual service-level agreements (SLAs) and compliance requirements.

Lead the operational aspects of incident management, encompassing detection, response, and reporting, while leveraging cutting-edge technologies and methodologies.

Maintain an extensive knowledge base encompassing technical reference materials, security advisories, and alerts, ensuring a proactive approach to threat and vulnerability management.

Play a pivotal role in designing and overseeing security testing procedures, including penetration testing and vulnerability assessments, and manage the subsequent remediation efforts.

Operational Support:

Engage in in-depth research and evaluation of new information security hardware and software solutions, meticulously analyzing their impact on the existing infrastructure.

Collaborate closely with the enterprise architecture team to ensure alignment between business, technical, and security requirements, driving the evolution of the organization's security posture.

Forge strong partnerships with corporate infrastructure teams to develop and implement security controls and configurations aligned with regulatory and audit requirements.

Define and validate baseline security configurations for various systems and applications, ensuring consistency and adherence to industry best practices.

Actively participate in validating security solutions, ensuring seamless integration with existing business processes and architectures.

Required Experience & Qualifications:

Bachelor's degree in a relevant field, CISSP certification, or equivalent industry experience.

3-5 years of hands-on experience in security planning, installation, and administration.

Demonstrated proficiency in mainstream operating systems and various security technologies.

General understanding of IT infrastructure and security principles and some background in working with computer hardware and software through work experience in application programming, system administration, or network operations.

General knowledge on SIEM technologies like Splunk or QRadar, content filtering/ firewall technology, and cloud technology such as AWS.

Extensive experience in technical security controls and vulnerabilities, including intrusion prevention systems (IPS), anti-virus solutions, and firewalls.

Project management capabilities, encompassing requirements analysis, scoping, and technical analysis.

In-depth expertise in security technologies such as IPS, anti-virus, and firewalls.

Advanced knowledge of network infrastructure, including routers, switches, and associated protocols.

Familiarity with security design and implementation best practices, including NIST, ISO, PCI, and SOX compliance standards.

Prior experience with WAS is highly desirable.

Exceptional decision-making and problem-solving skills, enabling effective resolution of complex technical challenges.

Proactive and self-motivated, focusing on organizational and time-management abilities.

Proficient in leading and facilitating meetings to achieve defined goals and objectives. Strong leadership abilities, fostering effective teamwork and collaboration across departments.

Click here to apply online

#J-18808-Ljbffr