Sr. Security Engineer

Company: Veloc Inc
Location: Carrollton
Posted on: September 15, 2023

Job Description:

Security Engineer to be part of the IT Security and Risk Management team. The Security Engineer will support the implementation and administration of information security policies, practices, procedures, and technologies in order to ensure the protection of networks, systems, applications, and data. This role will be looked to as an information security expert within the organization, helping ensure compliance with all security policies and standards, as well as with industry regulations and laws. This role will also be involved with day-to-day security operations by responding to security events of interest and recommending corrective action by working with IT and non-IT team members.

Your Key Job Functions:

Provide security consulting through advice, research, design, project management services, and technical security expertise for all elements of the business as part of designing security solutions for existing and new networks, systems, applications, and business processes.
Directly manage and drive for timely/successful completion of information security projects and participate on various concurrent project teams that support business initiatives.
Directly assist in the testing, selection, design, implementation, documentation, operation, and maintenance of various network and system security technologies including, and not limited to: authentication, web application firewalls, network and host firewalls, VPNs, network and host NAC, network and host IDS/IPS, malware prevention, etc.
Interact with information security vendors and hold information security vendors accountable to their technology and services obligations to the organization.
Perform internal investigations and e-discovery efforts.
Routinely engage the organization's MSSP and respond to escalations from the MSSP within the defined SLA.
Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items such as, and not limited to: malware alerts, change detection alerts, rogue wireless network alerts, security system health alerts, exploit attempt alerts, etc.
Work with the Internal Audit department, Risk Management department, and Legal department to perform security assessments of ASP's, hosting providers, service providers, and development firms that are contracted to provide various services to the organization.
Perform, document, and present to management security risk assessments around existing and emerging technologies, business processes, and third party provided business services.
Participate in information security components of system provisioning to, and system de-provisioning from, the organization's networks.
Participate and be an integral component of audit, compliance, and regulatory functions, including and not limited to: Payment Card Industry (PCI) Data Security Standard (DSS), Sarbanes-Oxley (SOX), emerging state and Federal privacy laws, and general security auditing.
Assist internal and external auditors as required.
Manage and maintain the organization's various information security technologies.
Participate in the organization's incident response plan and perform incident reporting on an as needed basis.
Interface with management as necessary by providing reports, presentations, and recommendations.
Develop and maintain information security procedures, controls, and their compliance.
Identify/implement efficiency improvements through automation efforts such as scripting and lean process improvement.
Provide cost effective security improvements to reduce the frequency and duration of incidents.
Must be able to work outside normal business hours in order to perform diagnosis and/or implementation of product releases or changes so that normal business workflow is not interrupted.
Analyzes security incidents and escalation of security events 24x7.

Keywords: Veloc Inc, Carrollton , Sr. Security Engineer, Engineering , Carrollton, Texas