Senior IT Security Operations Engineer

Summary

Join SimSpace as a Senior Security Operations Engineer and be responsible for the security of all information systems, applications, and data. You will maintain the daily technical operations of the Security Operations Center (SOC), collaborating with the infrastructure team and driving the adoption of security best practices. This role demands deep technical expertise in information security and the ability to work independently and as part of a team. You will architect, design, implement, and maintain integrated network security controls, administer access controls, and work on GRC efforts. Furthermore, you will be involved in vulnerability management, incident response, proactive security measures, and third-party risk assessments. SimSpace offers a competitive salary, comprehensive benefits, and a collaborative work environment.

Requirements

• Bachelor’s degree in Information Technology, Computer Science, or a related field
• Minimum of 8 years of experience in information security roles
• Expertise in information security principles, practices, and technologies, including security architecture, network security, identity and access management, threat intelligence, and security operations
• Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, SOC2 as well as those from NIST, including SP800-53
• Understanding of, and experience with, networking concepts such as TCP/IP, LAN/WAN, SSL/TLS and the various network protocols
• Strong communication and collaboration skills, with the ability to communicate complex technical issues to non-technical stakeholders and work with other departments
• Strong time and project management skills, with the ability to manage multiple projects simultaneously and deliver on time, within budget, and to the required quality standards
• Strong analytical and problem-solving skills, with the ability to quickly identify and resolve complex technical issues
• Experience working with Windows, MacOS and Linux based operating systems, including knowledge of using the Command Line Interface (CLI)
• Possess a proactive mindset with an enthusiasm for learning, solving complex problems and getting involved
• Ability to work on a fast paced, dynamic and multi-faceted team
• U.S. citizenship as required by our existing U.S. Government contracts

Responsibilities

• Architect, design, implement, and maintain integrated network security controls and countermeasures to ensure the highest level of security/integrity. This includes owning and configuring tools such as; EDR, SIEM, IPS/IDS, DLP, VPN, WAF, DNS Filtering, and others
• Administer authentication and access controls, including provisioning, changes to access, owning privileged security/access roles, and access permissions to information assets
• Work with security leadership on Governance, Risk and Compliance (GRC) efforts, including audits and risk assessments
• Security Integration: Work closely with development teams to incorporate security requirements into the platform's design and development processes. Collaborate with cross-functional teams to ensure that security is a fundamental aspect of all aspects of the platform
• Vulnerability Management: Conduct regular tests and scans to identify network and system vulnerabilities. Develop and implement strategies to remediate vulnerabilities and enhance the overall security posture of the platform
• Identify, define and maintain security documentation
• Respond to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interact and coordinate with third-party incident responders
• Utilize lessons-learned from incidents to improve Security Operation Center (SOC) processes and procedures
• Develop and implement proactive measures including periodic cybersecurity maturity assessments, threat hunting, penetration testing, and work with infrastructure and security teams to prioritize and remediate any issues identified
• Assist in the governance and execution of third party and SaaS vendor risk assessments
• Continuously improve cybersecurity awareness training and mock testing campaigns across the enterprise

Preferred Qualifications

Professional security certifications such as CISSP, CISM, or CISA are highly desirable

Benefits

• Salary Range $105,000 - $175,000
• Comprehensive benefits package that start on day one
• 401k match
• Flex time, the time off you need when you need it
• Equity options at hire and potential for additional based on performance
• Generous employee referral bonus program
• Peloton Interactive Wellness Program
• LinkedIn Learning Membership
• Monthly reimbursement for meaningful connections with other SimSpacers