Security Engineer

Hybrid, Richardson, Texas

Direct hire No C2C

Heavy Fortinet experience

Summary/Objective
The Security Engineer provides technical design, installation, operation, and maintenance of a variety of Cybersecurity and information security systems. Performs complex and detailed technical work necessary to support the needs of business and organizational requirements. Builds and manages a governance model for security.

The Security Engineer will collaborate cross-functionally with all departments to ensure projects are deployed in a secure state. In addition, the Security Engineer role will own and manage the BCP / DR / BCDR (Business Continuity and Disaster Recovery) plans for the company, including building and managing the departmental runbooks. The role will also work with the Application Support Team and Infrastructure Team to ensure that DR is working and tested at least once per year.

The Security Engineer will be responsible for acquiring and managing the tabletop exercises for incidents at least once per year. In addition, the engineer will be responsible for all security aspects of monitoring all environments and working with third-party providers as a first line of defense to networks.
Essential Functions
Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

• Define and implement hardware and software as needed for new security initiatives. Architect scalable solutions that are modular and easy to manage.
• Provide input into tool selection based on research and past knowledge.
• Write Policies and procedures to govern security for our business.
• Work with Infrastructure and Application Support teams to perform OS patching and server posture assessment.
• Provide escalated support and remediation that will include network, application, firewall, and server troubleshooting for security incidents.
• Perform administration of a broad range of security systems such as Identity Access Management, Privileged Access Management, Security Awareness, Advanced Threat Protection, and other Cloud security mechanisms.
• Define and implement process improvements to increase the efficiency of assessing security posture.
• Provide reporting to CTO on security gaps, project progress, and security posture.
• Work closely with cross functional teams to ensure technology implementations follow the policies and procedures defined by this role.
• Act as on-call contact for Security escalations.
• Completes projects and daily tasks as assigned.
• Support Cloud Security initiatives per the IT strategy.
• Work closely with the Technical Support team on security initiatives.

Competencies

• Collaboration
• Emotional intelligence
• Effective use of technology/instruments/tools/information systems
• Problem Solving/Analysis skills
• IT Cloud Operations
• Communication skills
• Evidence-based decision making
• Vision/Planning
• Project management
• Change management
• Production application and forward facing security
• SQL Server and Postgres proficiency
• Azure, Google Cloud Platform (Google Cloud Platform), and Amazon Web Services (AWS)
• Strong knowledge of M365 / O365, Sharepoint
• Strong knowledge of Azure Active Directory
• Strong knowledge of Fortinet firewalls, Ubiquiti WAPS, and Ubiquiti switches
• Strong knowledge of VLANS and LAN segmentation (Virtual Local Area Networks)
• Excellent knowledge of Microsoft Defender
• Excellent knowledge of email security administration and implementation

Work Environment
This job operates primarily in a professional office environment. This role routinely uses standard office equipment such as computers and communications equipment.
Required Education and Experience

• Bachelor s degree in Computer Science, Cybersecurity, Information Systems or combination of equivalent experience and education preferred
• 4-7 years industry experience preferred
• 4-7 years experience supporting tiered incident management for security
• 4-7 years experience coordinating development efforts with various stakeholders, including business analysts, project managers, development, customers, engineers, and vendors
• 3-5 years experience administering or managing IT infrastructure
• 3-5 years experience in penetration testing, vulnerability scanning, and closing gaps presented by those technologies
• 5+ years in Microsoft technologies
• Experience in Disaster Recovery (DR) & DR infrastructure operations
• Experience with change management / Request For Change
• Experience in IT-cloud operations
• 3+ years of experience writing policies and governance documentation
• Ability to speak, read, and write in English fluently
• CISSP & Security+, CEH, CWHH certifications preferred

Physical Demands/ADA Requirements
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

While performing the duties of this job, the employee is regularly required to talk or hear. This is largely a sedentary role; and individuals may need to sit or stand for long periods of time. Individuals must be able to type, operate telephones, computer equipment, and audio headphones. May require walking primarily on a level surface for periodic periods throughout the day. Reaching above shoulder heights, below the waist or lifting as required to file documents or store materials throughout the workday.
Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities; duties or responsibilities that are required of the employee for this job. Duties, responsibilities, and activities may change at any time with or without notice.