IT Security Engineer (Onsite)
Colony Brands, Inc. · Monroe, WI · 2 wk ago
On-siteInformation TechnologyFull-time
About the role
The IT Security Engineer plays a crucial role in supporting SC Data Center's growing business by promoting and executing information security programs, policies, and regulatory compliance. Reporting to the IT Security team, this position involves developing and implementing a comprehensive information security program, selecting and deploying technical controls, defining processes and standards, and advising on security issues.
Responsibilities
- Develop and implement a comprehensive information security program
- Select and deploy technical controls to meet specific security requirements
- Define and promote information security policies, processes, and standards
- Design technologies in a secure manner and monitor compliance against company policies and applicable laws
- Investigate and report on security violations and incidents
- Report and advise on information security issues to ensure internal security controls are appropriate and operating as intended
- Analyze information and processes to balance vulnerability levels with investment, personnel, and end-user capabilities
- Partner with project teams to facilitate and implement new systems, policies, and processes
- Partner with managed service SOC to coordinate centralized logging and identification of security incidents or misconfigured security controls
- Coordinate/conduct responses to information security incidents (including beginning forensic investigations)
- Prepare documentation, business notifications, and security alerts
- Daily interaction with employees on security alerts from EDR, SIEM, phishing identification tools, and general service tickets
- Research, recommend, and develop security and risk mitigation solutions
Qualifications
- Bachelor’s degree in MIS, Computer Sciences, Information Technology, or related field
- 3+ years of related business experience
- A broad and in-depth understanding of information security and information technology auditing
- A commitment to continuous improvement and knowledge growth
- Documented ability to utilize security systems such as vulnerability scanners, logging software, Multi Factor Authentication, SAML Federation, and experience with patch management processes
- Experience with diverse desktop and server environments, networking, and operational security technologies both on-premise and in the Cloud (AWS preferred)
- Solid written and verbal communication skills at all comprehension levels
- Experience with driving Security Awareness programs is desired
- CISSP Certification is preferred
- Experience working with small to mid-size companies is helpful
- PCI, SOC1, Audit &/or HIPPA experience is a plus