Senior Information Security Engineer
Phone and Skype
Scottsdale, AZ (Hybrid Onsite)
Update: Client is not looking for a SOC- or app-security-focused consultant.
Senior Information Security Engineer
This role leads enterprise cybersecurity efforts by designing, implementing, and advancing security controls and strategies to protect cloud, on-prem, and hybrid environments while driving a security-first culture across the organization.
What You’ll Do:
· Implement, maintain, and operate security controls and countermeasures across on-prem, cloud, and hybrid environments.
· Administer and optimize security technologies including SIEM, IDS/IPS, endpoint security, and related tools.
· Monitor systems for security incidents and vulnerabilities; enhance monitoring/visibility and report on incidents, risks, and trends.
· Lead incident response efforts, including investigation, containment, recovery, and coordination with third parties and law enforcement.
· Assess evolving threats and compliance requirements; conduct risk assessments, support audits, and develop mitigation and compliance plans.
· Design and implement advanced detection capabilities, including custom rule creation, rule tuning, and integration of threat intelligence feeds.
· Develop security automation workflows and scripting to streamline detection, response, and remediation processes.
· Perform proactive threat hunting using advanced analytics and threat intelligence to identify sophisticated and persistent threats.
· Serve as primary technical liaison during major incidents, delivering executive briefings and coordinating with leadership, legal, regulatory, and external stakeholders.
· Develop and maintain information security governance documentation (policies, standards, procedures, baselines, guidelines).
· Support and oversee security training and awareness initiatives.
What Gets You the Job:
· Minimum 5 years of progressively responsible IT experience, including 5+ years of hands-on experience with security tools (reverse proxies, IPS, EDR, vulnerability management, SIEM, malware detection); retail corporate experience preferred.
· Strong expertise in secure coding, threat modeling, identity and access management, cryptography, penetration testing, authentication/security protocols, system administration, and network security.
· At least 3 years of hands-on threat hunting using Splunk or similar SIEM platforms; skilled in network traffic analysis, log analysis, and behavioral analytics to detect malicious activity.
· Solid understanding of web services and multiple programming languages (e.g., JSON, Java, C++, Ruby, Python, Perl); expert knowledge of TCP/IP and common protocols/standards.
· Experience analyzing large and unstructured datasets to identify trends, anomalies, and emerging threats; ability to develop new detection techniques.
· Proven ability to manage vendor and stakeholder relationships, educate teams on security best practices, and communicate complex technical concepts clearly to all levels, including executives.
· Demonstrated success in high-pressure incident response, including coordination with legal, PR, and regulatory teams.