Jobs · Information Technology · Colorado

Infrastructure Security Engineer

STACK Infrastructure · Denver Metropolitan Area · 2 wk ago
Information Technology$128k–$145k/yrFull-time

Responsibilities

  • Planning, implementing, managing, monitoring, and upgrading security measures for the protection of STACK Infrastructure’s data, systems, and networks.
  • Monitor and triage critical IT infrastructure for irregular behavior/weaknesses and respond with robust countermeasures to prevent future incidents.
  • Zero Trust Implementation: Champion a Zero Trust security model across STACK’s network and datacenter environments.
  • Architect solutions that enforce least-privilege access, continuous verification, and micro-segmentation of services – ensuring no implicit trust at any layer.
  • Install and maintain security tools that monitor critical infrastructure (systems and networks) for security breaches and intrusions.
  • Leading or collaborating with peers on project management to accomplish the goals set by leadership.
  • Provide SME-level advice and expertise regarding various technologies and enable leadership to drive security objectives and improve STACK’s overall security posture.
  • Triage and investigate security and user high-risk events.
  • Lead/participate in incident response and investigation of IT/OT security detections and incidents.
  • Infrastructure and Network OS security hardening.
  • Maintain and optimize security tools.
  • DNS management.
  • Penetration testing remediation.
  • Policy enforcement.
  • Attack surface management and threat hunting.
  • Participation in an on-call rotation with your team to ensure 24/7/365 coverage.
  • Work closely with cross-functional teams, including IT Support, IT Infrastructure, and Critical Operations teams, to ensure systems and networks are secure, compliant with applicable regulations, and protected against unauthorized access.
  • Serve as a point of escalation and support for Information Technology and international IT administrators security needs.

Qualifications

  • 10-15 years hands-on network security engineering experience, specializing in Firewalls and Infrastructure security.
  • Strong Palo Alto and Panorama experience.
  • Exposure and experience with International and multi-country IT security programs.
  • Certifications in one or more of the following disciplines/providers preferred: CISSP, CEH, GIAC (GSEC, GCIH, etc.), ISACA, Other Networking/Network Security related certifications.
  • Experience and familiarity with cyber incident response, SIEM, vulnerability scanning tools, security operations workflow, IPS, Browser security, Cloud security, and Endpoint Security.
  • Familiarity with security-related compliance such as NIST CSF, CIS Critical Security Controls, ISO 27001/27002 and regulations such as GDPR, HIPAA, SOC1/2, and PCI-DSS.
  • Strong understanding of MITRE ATT&CK framework.
  • An analytical security-focused mind, outstanding problem-solving skills, and strong threat assessment and mitigation skills.
  • Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders.
  • Exceptional documentation and report generation skills.
  • Natural curiosity and drive toward continual improvement.

Similar jobs