Job Title: Senior Information Systems Security Engineer
Job Summary:
We are seeking a highly technical, hands-on Senior Information Systems Security Engineer to ensure the confidentiality, availability, and integrity of our enterprise data, computer systems, and network devices. This role demands an engineer who possesses true technical depth—someone comfortable "opening the hood" to diagnose infrastructure issues, implement cutting-edge security defense systems, and methodically optimize performance to minimize cyber-attack vectors. You will be responsible for leading technical risk assessments, identifying system weaknesses, and independently deploying complex security architecture.
Compensation & Premium Benefits:
- Hourly Pay Rate: Starting at $43.46/hour (Final rate is highly competitive and dependent upon depth of experience; reasonable salary requests will be evaluated).
- Comprehensive Benefits: Premium Medical, Dental, and Vision coverage; Employer-paid Life and Disability Insurance; Flexible Spending Accounts (FSA); and robust retirement savings options.
Crucial Candidate Submission Requirement:
Note to Applicants: To be considered for this role, you must provide a detailed breakdown of your practical experience. Please accompany your resume with a brief list detailing the specific security tools you have used, your years of experience with each, the environment supported, and an exact example of hands-on work performed utilizing that tool.
Highlighted Position Requirements:
Education & Certifications:
- Degree: Bachelor’s degree in Management Information Systems (MIS) or a closely related computing field [Required].
- Core Certification: Current CompTIA Security+ or an equivalent industry-recognized security certification [Required].
- Advanced Certification: CISSP (Certified Information Systems Security Professional) [Highly Preferred].
Core Experience Criteria:
- Domain Longevity: Minimum of six (6) years of direct experience within an information systems security domain [Required].
- Specialized Background: Proven engineering background covering mobile device security, endpoint protection, wireless protection, incident response/mitigation, threat research, vulnerability management, and cyber intelligence analysis [Required].
- Systems Administration: Practical professional experience in a system administration role supporting multiple enterprise platforms and cross-functional applications [Required].
Technical Knowledge & Frameworks:
- Security Frameworks: Deep working compliance knowledge of NIST, HITRUST, PCI, and the HIPAA Security Rule [Required].
- Infrastructure & Tooling: Advanced design, implementation, and maintenance knowledge across: Local Area Networks (LAN), Microsoft Active Directory / GPO, Linux & Windows Operating Systems, and standard communication protocols [Required].
- Security Technologies: Direct, hands-on experience deploying and tuning the configuration of Data Loss Prevention (DLP), Encryption, Intrusion Detection/Prevention Systems (IDS/IPS), VPNs, Firewalls, Multi-factor Authentication (MFA), Cloud Access Security Broker (CASB), Endpoint Detection & Response (EDR), and SIEM tools [Required].
Key Responsibilities:
- Threat Research & Forensics: Investigate the architectural impact of emerging cyber threats, automate systems to ingest threat intelligence feeds, track adversaries, and conduct comprehensive log analysis and network forensic investigations.
- Vulnerability & Penetration Testing: Design and execute proactive network security scans and penetration tests to detect systemic weaknesses before they can be exploited by malicious parties.
- Risk Assessments: Independently execute deep-dive technical risk assessments and implementation analysis on internal infrastructure to ensure strict conformity to modern security standards.
- Defense Infrastructure Support: Design, implement, configure, and maintain critical infrastructure defenses, including web filtering, anti-spam/antivirus frameworks, content screening servers, and data leakage appliances.
- Alerting Strategy: Architect robust alerting and detection models to instantly flag, analyze, and mitigate unusual or malicious network behaviors.