Belk
Position Summary:

The Senior Security Engineer is responsible for security system deployments, configuration, monitoring and reporting of security related events. Provides support to planning and implementing security controls which safeguard and monitor events for information systems, enterprise applications, outsourced services and data. Provides Tier II support for security related incidents and issues.

Essential Functions/Responsibilities:
  • Advises of all security concerns and provides options and solutions to resolve these concerns.

  • Reviews proposed security infrastructure changes of all other team members as well as other groups and departments to maintain a high level of security integrity.

  • Contributes to the development of information security policy, standards and guidelines.

  • Investigates and resolves any security related incidents, complaints or questions.

  • Fully understands all security events as well as plans and implements resolutions to protect from current and future attacks.

  • Analyzes all firewall rules and access control list changes for possible security risks and addresses risks

  • Performs security and vulnerability assessments both internally and externally and addresses with an action plan.

  • Examines and preserves data for investigation and legal support.

  • Performs electronic discovery, analysis and investigation of intrusion and hacking attempts

  • Plans and implements incident handling and response tasks and procedures for security related events.

  • Researches and implements new technologies to improve and grow the security infrastructure (e.g. applications, systems, outsources services).

  • Obtains information and stays up to date on the latest exploits and security trends in a fast and efficient way so as to keep secured against these exploits.

Requirements/Qualifications:
  • Bachelor’s degree in Computer Science or related field or equivalent combination of industry related professional experience and education

  • 4+ years of experience

  • Working experience with information security

  • Working experience with Intrusion Detection Systems (IDS) & Intrusion Protection Systems (IPS)

  • Working experience with Firewall configuration and monitoring

  • Working experience with event/log analysis and incident response

  • Working experience with forensics


 

Preferred Education & Experience:

  • CISA, CISSP, CISM, or CIA certification(s)

  • Network / System Administration experience / background

  • Engineering related certifications including:

  • ISSER add-on to CISSP

  • Firewall certifications

  • Cisco

  • Palo Alto

  • Comptia

 

Competencies:

  • Advise and maintain specific security controls as required by organizational policy and local risk assessments to maintain confidentiality, integrity and availability of business information systems and to enhance resilience to unauthorized access.

  • Perform vulnerability assessments.

  • Recognize when a network/system has been attacked or when a breach of security has occurred.

  • Take immediate action to limit damage, according to the organization’s security policy, which may include escalation to next level, and records the incident and action taken.

  • Demonstrate effective communication of security issues to management and others.

  • Follow and maintain the guidelines and standards for security.

  • Monitor the application security operations procedures and reviews information systems for actual or potential breaches in security.

  • Ensure that all identified breaches in security are promptly and thoroughly investigated.

  • Ensure that security incidents are documented accurately and complete.

  • Take a comprehensive approach to seeking vulnerabilities across the full spectrum of organization policies, processes, and defenses in order to improve organizational readiness, improve training for defensive practitioners, and inspect current performance levels.

  • Inform vulnerability testing policy.

  • Manage all vulnerability testing activities within the organization.

  • Initiate improvements to test processes and direct their implementation.

  • Assess suppliers' penetration testing capabilities

  • Takes actions to support Company strategies and tactics

  • Maintains positive attitude and momentum in challenging situations

  • Communicates effectively with all partners

  • Demonstrates flexibility, resiliency and productivity in response to shifting priorities

  • Strives for continuous improvement

  • Shares ideas with others to address daily business issues

  • Builds working relationships characterized by cooperation and mutual respect

  • Shares ideas and resolves conflict constructively

Back to Job List