Senior Security Engineer Job Description Template
Our company is looking for a Senior Security Engineer to join our team.
Responsibilities:
- Implement and maintain intrusion detection, continuous security monitoring and risk assessment for our cloud infrastructure;
- Perform security assessments on web applications, mobile clients, and architectural designs;
- Contribute to and support the development and maintenance of the Engine information security program and risk framework;
- Configure and troubleshoot security infrastructure system and devices;
- Review and approve controls needed to protect Engine data and technology assets;
- Prototype tooling for risk enumeration and threat intelligence,
- Participate in developing, testing, and improving the incident response program;
- Collaborate with DevOps to ensure cloud security for promoting DevSecOps;
- Conduct training workshops on customer’s product design for compliance against the applicable security requirements;
- Plan and manage project schedules;
- Report the project status to the customer and internal management on a scheduled basis;
- Provide internal engineer training within areas of his/her proficiency;
- Learn all applicable UL Identity Management & Security procedures and policies;
- Safeguard sensitive information by working with business units and vendors/third parties to determine and enforce appropriate access levels;
- Exercise appropriate levels of discretion and confidentiality when addressing security-related incidents.
Requirements:
- Experience with a scripting language (Python, Javascript, Ruby, etc.);
- 5+ years of experience with C/C++/C#
- Excellent communication and collaboration skills;
- Experience with AWS technologies;
- Self-motivated; entrepreneurial spirit; comfortable working in a fast-paced, dynamic environment;
- Bachelor’s Degree in Computer Science, Information Security, Engineering, or other relevant subjects;
- Problem solving skills, autonomy, self-driven and ability to work under pressure;
- Knowledge of industry standard frameworks – NIST, ISO, HIPAA, PCI;
- Proficient in scripting languages, preferably PowerShell;
- Experience working in highly regulated environments (NIST SP 800-53, ISO 27001…);
- Experience with load balancers, proxies, network monitoring tools such as NetDisco and Wireshark, etc;
- Experience implementing security controls aligned to organizational policies and standards;
- Excellent inter-personal skills; ability to interact with all layers of personnel;
- Proven experience in customer-facing advisory services, technical expertise, and communication skills;
- Experience using oscilloscope, logic analyzer, protocol sniffers, etc.