Security Engineer

Summary

Join EVOTEK, North America's premier digital business enabler, as a Security Engineer. You will be responsible for testing, installing, configuring, and maintaining security solutions, monitoring infrastructure for threats, and collaborating with clients. This role involves working on security standards, deploying security products, and addressing vulnerabilities. Resident Engineer positions with clients are also a possibility. The ideal candidate possesses 5-10 years of experience in information security and engineering, a strong background in data/information security and system engineering, and deep expertise in the security space. EVOTEK offers a competitive salary, performance bonuses, and a comprehensive benefits package.

Requirements

• 5-10 years' experience in Information Security and Engineering
• A strong background in both data / information security and system engineering
• Possession of both deep and wide expertise in the security space
• Having a breadth of experience with security solutions and concepts overall, while also having deep knowledge of several specific security solutions/tools
• Experience deploying, troubleshooting, integrating with, managing, and maintaining security solutions (think email security gateways, network security tools, SIEMs, Antivirus/EPP technologies, etc.)
• Experience monitoring infrastructure and systems for security breaches or intrusions
• Familiarity with regulatory requirements (GDPR, CCPA, HIPAA, PCI DSS, etc.)
• Deep understanding of server operating systems (Windows Server and Linux [multiple variants] are most common)
• Excellent communication skills, both written and verbal

Responsibilities

• Test, install, configure, and maintain security solutions/tools
• Monitor infrastructure (networks and systems) for unusual activity, security breaches, and/or intrusions
• Work closely with client teams on the implementation, maintenance, and administration of security tools
• Communicate findings, incidents, and concerns to relevant team members and leadership in a timely manner
• Work with teams to address and remediate findings and concerns
• Work with client and team members to develop and document security standards and policies
• Assist with installation, configuration, and operation of new security products and procedures
• Deploy, troubleshoot, maintain, and administer security solutions (such as Endpoint Protection, SIEMs, Vulnerability Management solutions, email security gateways, event logging solutions, etc.)
• Discover and recommend security enhancements to client teams
• Participate in, or conduct, vulnerability scans of client environments
• Work with client teams to prioritize and remediate discovered vulnerabilities
• Undertake system and infrastructure hardening efforts per standardized benchmarks (E.g.: CIS benchmarks, CIS-CAT assessments, NIST standards, etc.)
• Install and configure solutions that monitor for and notify when unusual behavior is detected
• Monitor infrastructure for security breaches or intrusions (via security tools and solutions)
• Monitor for irregular system behavior
• Ensure that client organizations have detailed, timely, and accurate information regarding security concerns, security findings, and incidents
• Participate in, and sometimes lead, incident response activities
• Participate in, and sometimes lead, investigations into how incidents and/or breaches occur
• Participate in security tabletop exercises
• Assist with the education of client staff members on information security through training and awareness
• Develop automation solutions (scripts, etc.) to handle and track incidents
• Test security solutions using industry standard analysis criteria
• Help plan and implement an organization’s information security strategy
• Recommend modifications with regards to legal, technical, and regulatory areas
• Document security tools, deployment configuration, incident reports, etc
• Communicate with client teams on the above as well as clear explanation of concerns, findings, and incidents

Preferred Qualifications

• Experience with AWS and/or Azure environments
• Experience with MS 365
• Experience in some specific industry verticals (healthcare, biotechnology, government, department of defense)

Benefits

• Salary commensurate with years’ of experience, technical expertise and geographic location. Salary range: $100,000 to $150,000
• Performance bonuses
• Benefits package that includes 100% paid medical, dental and vision for the employee
• 401(k) with employer match
• Strong company culture
• Flexible PTO policy
• Flexible working arrangements
• Annual company overnight retreat