Sr. Security Engineer at Interstate Batteries (Dallas, TX)

Overview: 

If youve been looking for an Outrageously Dependable company where character counts, then youre home. Interstate Batteries, headquartered in Dallas, Texas, built its reputation on a great automotive battery, but look how much weve grown over the past 60 years! We now offer more than 16,000 portable power solutions and accessories throughout North America, Australia, the Caribbean and Latin America. Take charge of your future and see if you have what it takes to be one of our 1,600 specially selected Team Members. 

Job Description

The Sr. Security Engineer is responsible for assisting in the design, maintenance and support of the enterprise information security environment which includes security systems and their processes, security risk management and Payment Card Industry (PCI) compliance activities. This position will perform as a senior security engineer for the deployment, implementation and maintenance activities in the security systems lifecycle. Additionally, the position supports other Interstate teams, develops plans and security system designs to support and maintain multiple environments. Key areas of responsibility include:

• Participate in updating and maintaining enterprise security and compliance architecture
• Researching, Recommending, configuring and implementing information security solutions in a medium sized enterprise environment to enhance security posture and drive value, collaboration, relationships, continuous improvement, and speed to our market
• Participate in the creation and maintenance of enterprise security documents (policies, standards, baselines, diagrams, dataflows, guidelines and procedures)
• Participate in Security Risk Management (including closure of risks), Change Advisory Board reviews, Incident Response processes, and other meetings/activities representing security
• Maintain up-to-date detailed knowledge and expertise of the IT security industry including new attacks, threat vectors and remediate and/or lead remediation of associated vulnerabilities in Windows, Linux, networking (Palo Alto) and Cloud computing environments
• Must possess excellent project management skills and the ability to lead technical project teams
• Must be able to work closely with business units to deploy and support proprietary applications in a secure manner while adhering to PCI requirements and NIST type security standards
• Maintain up-to-date baselines and patching, including the secure configuration and operations of all in-place security software and hardware
• Monitor all in-place security solutions for efficient and appropriate security operations including Dev/Sec/Ops activities
• Create, review, and report on security logs with tools such as Splunk and other tools, various security systems and recommend/implement resolutions on findings
• Investigate Data Loss/Leakage Prevention and problematic user/ bad actor activity
• Participate in the design and execution of vulnerability assessments, penetration tests and PCI security audits
• Conduct educational sessions for end-users and IT in areas of security with a strong verbal, written and presentation skill acumen including design presentations with maximum visual impact for end-user and technical audiences
• Must adhere and represent our corporate values of Love, Servants Heart, Excellence, Courage, Fun, Team and Integrity
• Perform other duties, as assigned by the Security Manager

Requirements

• Bachelors degree in computer science or 6 years equivalent security work experience
• Minimum 10 + years of IT experience with at least 8 + years of responsibility for Security engineering and operational activities
• Minimum five (5) + years of experience with vulnerability and risk assessments
• Minimum three (3) years penetration testing and vulnerability tools and remediation
• Advanced knowledge of NIST based information security principles and best practices
• Experience with network security and networking protocols, application development and Dev/Sec/Ops
• Advanced knowledge of PCI compliance standards, controls and remediation technologies, solutions and processes
• Experience and/or knowledge of Cloud Security, VMware, Linux and Microsoft operating systems, Database, Web and Application security best practices and architectures
• Knowledge and experience with firewall technologies, event correlation, VPN architectures, MFA, Data Loss Prevention (DLP), Wireless Security, Vulnerability Management, Risk Management, Intrusion Detection/Prevention, Incident Response and File Integrity Monitoring with preferred system experience in Cylance, Palo, Cisco Sourcefire, Varonis Suite, Splunk, MS Excel, Splunk ES, Rapid7 products, Netskope CASB, Microsoft CASB, and Lockpath
• Strong verbal, written and presentation skill acumen including the ability to design presentations, reports and dashboards with maximum visual impact for diverse audiences

Certifications:

• One or more of the following certifications: CISSP (Recommended), CISA, CISM, GIAC or other security related certifications

by via developer jobs - Stack Overflow