Information Security Engineer

Job Location

Job Description

The Security Engineer is responsible for developing, implementing, maintaining, monitoring, and managing secure solutions. The Security Engineer delivers these solutions in accordance with the organization’s architectural designs, best practices, and regulatory or compliance requirements. As risks change, the Security Engineer is responsible for recommending and developing modifications and enhancements to ensure the organization is evolving with the threat landscape.

With an emphasis on securing systems, applications, cloud infrastructures, integrations, service providers and ancillary systems, the Security Engineer may also be responsible for validating the technical security of business to-business initiatives, third-party relationships, outsourced solutions, and vendors. Considered a highly knowledgeable individual, the Security Engineer is expected to implement, monitor, and manage secure solutions that address modern day issues. The Security Engineer provides strong protection for P&G's reputation, revenue, and shareholder value from emerging and existing threats while enabling business operations and growth with a user centric focus and secure, resilient capabilities.

The Security Engineer focuses on:

• The highest information security risks across the enterprise– Balancing cyber threats with business needs– In depth defense strategy

• Designing, developing, & maintaining enterprise security solutions to enable security-safe business operations– Core process and self-service improvements– Investment in automation– Upholding availability, integration, and confidentiality for the busines

Job Qualifications

Experience in information technology, information security administration, or security operations.

Highly technical and analytical expertise with a proven cybersecurity background in technology design, implementation, and delivery.

Experience in cloud computing technologies, including software, infrastructure, and platform-as-a-service, as well as public, private, and hybrid environments.

Capable of scripting in Python, Bash, PowerShell or equivalent.

Knowledge of integration patterns such as API design, build, implementation, testing, and deployment processes.

Knowledge of access patterns, storage and database options, and data retrieval logic.

Understanding of OWASP, CVSS, the MITRE ATT&CK framework, and the software development lifecycle (SLDC).

Experience with DevSecOps concepts and agile workflows, including Scrum and Kanban.

External/Industry Certifications (preferably one or more (or working toward one or more) of the following): CCSP, CISSP, TOGAF, Cloud Providers (AWS, Azure, GCP), Scaled Agile Framework (SAFE), Security & Risk Frameworks: OWASP, CVSS, the MITRE ATT&CK framework, DevOps Institute

Job Schedule

Job Number

Job Segmentation