Security Engineer I

A Security Engineer I is professional responsible for designing, implementing, and maintaining technical security measures, focusing on vulnerability management, threat detection, and infrastructure protection. They secure cloud/on-prem environments using automation (Python, Terraform) and tools like SIEM or EDR, often collaborating with DevOps to remediate security risks and strengthen security posture.

Essential Functions:

• Develop and maintain security policies, guidelines, and lead implementation in all systems, including AWS and in particular CloudTrail, EKS, AWS Inspector, EC2, EMR, S3, AWS Identity Center, RDS, Security Hub, Guard Duty.

• Architect, design, implement, support, and evaluate security-focused tools and controls to meet security and compliance needs.

•  Integrate security checks into the CI/CD pipelines to ensure continuous compliance and shift left security practice.

• Utilize tools like Terraform or Cloud Formation to build, deploy and enforce compliance and secure cloud infrastructure.

• Utilize networking (VPC, Firewall, Transit Gateways), container security and encryption.

• Builds scripts (phyton, bash) and serverless functions (AWS Lambda) for alerting on anomalies, misconfigurations and threats include automations to auto respond to such threat actors/findings.

• Oversee threat management and security incident handling, including the coordination of investigations and reporting of security incidents to management, in alignment with business.

•  Work with the team and QSA on PCI (level 1 & level 2 service provider) & SOC initiatives for the company.

• Ensure that security is factored into the evaluation, selection, and configuration of hardware, applications and software.

• Ensure audit trails, systems logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements. Provide support and guidance for legal and regulatory compliance efforts, including audit support.

• Promote information security awareness throughout the company. Stay current with security technologies and threats by monitoring vendor and industry publications and attending training.

• Secure sensitive data, manage user credentials through principal of least privileges, track user activity.

• Proactively identify security risks and implement practices that meet standards for information security, by analyzing current systems, and working with IT and the business. Partner with development and infrastructure teams to identify and remediate vulnerabilities Develop mitigation plans.

Qualifications:

• Bachelor Degree in Computer Science or related technical field

• 3 to 5 years in cybersecurity experience within a professional environment

• Certified Information Systems Security Professional certification is a plus

Knowledge, Skills and Abilities:

• Experience with IDS/IPS, file integrity, internal/ external penetration & vulnerability tests, FIM, SEIM, Log aggregation tools required

• Development and scripting experience to build automation: Lambda, Terraform, Cloud Formation, API Integrations

• Understanding of the software development life cycle and CI/CD pipelines

• Ability to execute process and standards around code quality and the deployment lifecycle including SAST and DAST

• Experience in SIEM, MDR, EDR, DLP Identity Management, WAF, WAS, Incident Response, attack surface management

• Proactively find weaknesses in applications and network through audits, penetration tests and security assessments

• Prepare reports on security metrics, attempted attacks, document findings and actions taken

• Proven record of learning new languages, skills and technologies quickly, with minimal guidance

• Takes initiative, stays focused, always accountable

• Thrives in a fast-paced environment with the ability to focus on achieving the target whole minding longer term goals along the way

• Excellent communication skills

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed above are representative of the knowledge, skill, and/ or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.