Senior Information Security Engineer

Summary

Join Brooks' Information Security team as a Senior Information Security Engineer and drive critical security initiatives. You will serve as a security consultant to internal IT, ensuring projects incorporate appropriate controls. Build a deep understanding of our infrastructure and processes, designing and implementing strategic security improvements. Analyze and define information security requirements for all enterprise technologies. Leverage internal and external resources to achieve security goals. This role offers significant ownership to secure Brooks' future success. The position requires a strong background in information security and relevant experience. Location must be in WA, OR, CA, MT, CO, ID, or NV.

Requirements

• Bachelor’s degree in IT, Computer Science or related discipline
• 7 years’ experience maturing and improving information security programs
• Comfortable leveraging outside experts for implementation assistance and support
• System engineer level understanding of infrastructure technologies such as Active Directory, virtualization, and Windows operating systems
• Functional knowledge of modern networking protocols such as TCP/IP, IPSEC, VPN, MPLS, and SD-WAN
• Understanding of cyber kill chain as it relates to attacks by cyber-criminals against corporations
• Experience implementing security controls including IDS/IPS, firewalls, EDR, MFA, SSO, PAM, and email filtering
• Experience using SIEM tools for log collection, incident detection, and investigation
• Excellent written and verbal communication skills
• Persuasive negotiator able to exert influence without authority
• Experience identifying cost-effective solutions for complex problems within corporate enterprise
• Excellent analytical, troubleshooting, and problem-solving skills
• Demonstrated ability to identify security events based on network, computer, and user behavior and investigate to eliminate false positives
• Demonstrated ability to identify security vulnerabilities in proposed solutions and suggest alternatives
• Experience hardening and applying modern security standards across servers, workstations, SaaS-based solutions, and network equipment
• Demonstrated track record staying up to date with Information Security and threat intelligence knowledge
• Knowledge of security frameworks and methodologies such as CIS Top 18, NIST Cybersecurity Framework, and PCI DSS
• Remain flexible in your point-of-view to support the direction taken by the business
• Possess solid understanding of cryptography basics (public/private keys, TLS certificates, PKI, etc.)

Responsibilities

• Design and implement security controls
• Ensure rigorous application of cybersecurity policies, principles, and practices
• Design and implement cost-effective controls to reduce business risk from attacks
• Design and optimize network boundary protections and sensitive data flows
• Implement and support Single Sign-on, PAM, Multi-factor Authentication, Enterprise Mobility Management, security certificates and SIEM solutions
• Identify, plan, and document improvements to security controls
• Adjust security controls to accommodate new technology implementations
• Lead troubleshooting of existing security controls
• Play an advisory role in IT projects to assess security requirements and controls
• Lead or manage efforts on design/architecture and system security reviews
• Assess applications and associated data flows for risk
• Provide management and business clients with information related to security and threat trends
• Act as an agent of security awareness, foster and influence good internal information security practices
• Act as an escalation point in the investigations of cyber alerts, events, and incidents
• Maintain current awareness of information security issues and trends and provide educational briefings
• Maintain professional security certifications and accreditations
• Other responsibilities as required

Preferred Qualifications

Professional certifications such as GCIH, CISSP, CySA+

Benefits

• Medical, dental, vision, life and AD&D insurance, disability insurance, HSA and employer contribution, FSA, family & fertility assistance
• 401K Savings Plan and match
• Employee assistance program
• Transportation assistance
• Up to five weeks of paid time off
• Eleven paid holidays
• Paid sick and parental leave
• Annual bonus based on company performance
• Product discounts
• Employee recognition
• Fitness discounts
• Volunteer and donation benefits