Position Summary:
The Sr. Engineer, Cyber Security is a member of the Security Operations team responsible for building, managing and supporting the security infrastructure that underpins all internal and external user technology services, according to security policies and best practices.

As a member of a team working in complex, big data platforms, the incumbent will face the challenges that go along with those types of environments and be expected to stay abreast of new and upcoming technologies so as to be in a position to suggest improvements to existing implementations. The incumbent will work with other internal and external engineers to ensure that services and solutions are delivered securely and efficiently, advising teams on security designs and decisions, and ensuring adherence to Inmar technical standards.

The incumbent must have a service-oriented mentality, a high sense of ownership of the problems and requests assigned, a focus on managing and resolving issues in alignment with the SLAs, establishing and maintaining communication with technology customers to keep them updated with status of their requests, initiating and performing changes on production systems and proactively escalating any issues that cannot be resolved within the established timeframes.

Primary Accountabilities:

(100%) TechnicalInformation security: Maintain awareness of information security and the security controls that can be used to mitigate security threats within solutions and services.IT infrastructure: Build and configure, administer and support infrastructure technologies and solutions such as: compute, storage, networking, physical infrastructure, software, commercial off the shelf (COTS) and open source packages and solutions, virtual and cloud including IaaS, PaaS, SaaS.Ownership and initiative: Own an issue until a new owner has been found or the problem has been mitigated and / or resolved.Problem solving: Investigate problems in systems, processes and services, with an understanding of the level of a problem (e.g. strategic, tactical, operational). Can contribute to the implementation of remedies and preventative measures.Service focus: Take inputs and establish coherent frameworks that work.Systems design: Translate logical designs into physical designs. Produce detailed designs and documents all work using required standards, methods and tools, including prototyping tools where appropriate. Designs systems characterized by managed levels of risk, manageable business and technical complexity and meaningful impact. Work with well-understood technology and identifies appropriate patterns.Systems integration: Able to build and test simple interfaces between systems, work on more complex integration as part of a wider team.Technical understanding: Understand core technical concepts related to their role and is able to apply them with guidance.Testing: Correctly execute test scripts under supervision. Understand the role of testing and how it works.Troubleshooting and problem resolution: Troubleshoot and identify problems across different technology capabilities.Modern standards approach: Understand key principles of modern standards approach and how they apply to the work they are undertaking and will apply under guidance.

Additional Responsibilities:

Performs other duties as assignedComplies with all policies and standards

Required Qualifications:

Bachelors of Science Degree in Computer Science, or a Bachelor of Arts Degree in a related technical field, required7-9 years 7+ years of related work experience in security engineering requiredOr any equivalent combination of experience and training/certification that provides the required knowledge, skills, and abilities needed to complete the major responsibilities/essential functions of the position requiredStrong experience in web and mobile application security requiredStrong experience in distributed platform development security and design requiredExperience with industry tools and technologies such as Burp, Metasploit, etc. requiredIn-depth knowledge of web and mobile security standards and best practices (OWASP, etc.)Strong foundation in core information security principles and concepts (HTTPS, TLS, OAuth, etc.)Working knowledge of common languages such as Python, GO, Javascript, Java, etc.Familiarity in public cloud security deployment and implementation issues (AWS, Azure, GCP)Familiarity with audits and standards requirements such ISO 27001, PCI DSS, SOC 1 & 2, etc.Proven expertise in enterprise-grade and web scale security solutionsSecurity and Risk AssessmentAware of Security governance principles and able to apply them to the enterpriseUnderstands the legal and regulatory Issues relevant to the enterprise and does not place the enterprise at risk.Security EngineeringSolid working knowledge of secure design principlesSolid working knowledge of database securitySolid working knowledge of cloud computingSolid working knowledge of CryptographyCommunication and Network SecurityCan explain all layers of the OSI model and what they doUnderstands multi-layer protocolsCan manage and configure switches, routers, firewalls, proxiesUnderstands content distribution networksIdentity and Access ManagementPhysical and logical accessLDAPMulti-factor authenticationSession managementCredential managementSecurity OperationsParticipates in InvestigationsParticipates in operational, criminal, civil, and regulatory investigationsWorks with logging and monitoringPerforms security operations granting permissions based on Need-to-know and least privilegeParticipates in Incident managementManages and configures IDS and IPSSoftware Development SecurityAware of software development lifecyclesAware of what software development methodologies are used in the enterprise and can explain what it meansFamiliar with DevOps conceptsAware of Security vulnerabilities and understands how the following work: Bounds checking, Input/output validation, Buffer overflow, Privilege escalationAware of secure coding practicesUses code repositoriesCISSP Certified Information Systems Security Professional OSCP, GCIH, GXPN, GPEN preferred

Physical Demands

The physical demands described here are representative of those that must be met by an associate to successfully perform the major job responsibilities (essential functions) of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the major job responsibilities. This job description is not intended to be an exhaustive list of all duties, responsibilities, or qualifications associated with the job.

Use Hands to Handle Objects - RegularlyReach with Hands or Arms - RegularlyTalk or Hear and Read Instructions - RegularlyStand, Kneel, or Stoop and Lift 20 Pounds - OccasionallyView Items at a Close Range - Regularly

Rarely: Job requires this activity up to 25% of the time
Occasionally: Job requires this activity between 25% - 50% of the time
Frequently: Job requires this activity between 50% - 75% of the time
Constantly: Job requires this activity more than 75% of the time

Individual Competencies

Integrity: Able to communicate well in straight-forward situations.Teamwork: Advanced communication skills used to lead a team.Adaptable: Arrives at a conclusion based on previous experiences and good judgment.Innovative: Arrives at decision using analytical thought.Curious: Asseses circumstances using experience and a variety of information gathered.Analytical and Critical Thinking: Communicates using persuasion and authority.Problem Solving: Completes routine and repetitive tasks where tasks are straightforward.

As an Inmar Associate, you:

Put clients first and consistently display a positive attitude and behaviors that demonstrate an awareness and willingness to listen and respond to clients in order to meet their short-term and long-term needs, requirements and exceed their expectations.Treat clients and teammates with courtesy, consideration and tact; you also have the ability to perceive the needs of internal and external clients and communicate effectively with the objective of delighting and retaining the client.Build collaborative relationships and work cooperatively with others, inside and outside the organization, to accomplish objectives, develop and maintain mutually beneficial partnerships, leverage information and achieve results.Set and attain achievable, yet aggressive, goals with a sense of urgency and accountability.Understand that results are important and focus on turning mission into action to achieve results following the principles of Flawless Execution while consistently complying with quality, service and productivity standards to meet deadlines and exceed expectations by giving our clients the best possible outcome.Support a safe work environment by following safety rules and regulations and reporting all safety hazards.

We are an Equal Opportunity Employer, including disability/vets.