Minitab is hiring a
Senior Security Engineer in

Summary

The job is a technical cybersecurity role focusing on software security tasks and leadership roles within a department. The role involves digital footprint analysis, security logging and monitoring, suspicious activity management, implementing new security technologies, educating teams, and incident handling.

Requirements

• Bachelor's degree in Cybersecurity, Computer Science, IT, or a closely related discipline or equivalent experience
• Deep knowledge of cloud security principles and tools including SIEMS, intrusion detection and prevention systems, log analytics, Microsoft Defender, Azure Sentinel and Azure DevOps
• Experience managing application or DevSecOps ‘Blue Team’ security programs
• Proven experience in application security, including threat modeling, secure coding, and vulnerability management
• Strong understanding of web application architectures, technologies, and protocols
• Familiarity with industry standards and frameworks such as OWASP, ISO 27001, and NIST

Responsibilities

• Perform a digital footprint analysis, classifying assets and their sensitivity levels
• Define, harmonize, centralize, and manage the security logging and monitoring practice across customer facing products and development infrastructure
• Monitor and manage suspicious activity
• Prioritize and fine-tune settings and recommend hardening techniques to move issues towards resolution
• Evaluate, test and implement new security technologies and/or tools that enhance detection and response capabilities
• Install and configure firewalls, SIEMS, and endpoint security software
• Stay up to date on the latest emerging security technologies and how they might impact or be leveraged for the security of Software Development products and systems
• Assume a leadership role and drive consensus in educating teams regarding security strategy, landscape, protocol, and technologies
• Collaborate with team members to identify key security gaps and areas for improvement
• Conduct training sessions and workshops for team members and employees to raise awareness about security threats
• Assist with the high-level architectural design of software products as it relates to software security
• Anticipate, audit and act as a critical business continuity team member
• Assist in real-time security incident handling to ensure efficient mitigation and remediation efforts, minimizing risk and impact to the company
• Work closely with teams to ensure that learnings are used to make development’s internal systems and products more secure and resilient to future attacks

Preferred Qualifications

• Information/Cyber Security certification such as CISSP or CompTIA+
• Experience with source control systems such as Team Foundation Server or Git
• Ability to discover and patch SQLi, XSS, CSRF, SSRF, authentication and authorization flaws, and other web-based security vulnerabilities (OWASP Top 10 and beyond)
• Experience with standard web application security tools such as Arachni, Brakeman, and BurpSuite
• Familiarity with security best practices for Kubernetes based cloud applications
• Experience using an agile development process