WEX is a company focused on implementing and operating security technologies across its global information security team. The role of Information Security Engineer 3 involves ensuring the secure function of software security, collaborating with internal teams, and mentoring other engineers while managing security measures and compliance.
Responsibilities:
- A highly motivated security engineer who loves working on small, high performing teams that interface with the entire enterprise
- A collaborative, solid communicator who works well with your team and stakeholders to drive projects from inception to completion
- Someone who cares deeply for team results but is able to work independently to deliver high quality solutions for projects and operational tasks
- Comfortable balancing the need to move fast with the realities of working in a highly regulated organization
- Someone who thrives in situations where details and accuracy are vital
- A skilled worker that has the motivation, expertise, and work ethic to operate independently across global time zones, and who is able to complete tasks and deliverables with minimal oversight
- Work closely with Enterprise IT teams on securing Wex's infrastructure and applications
- Able to mentor other engineers both technically and professionally
- Engineer, implement, and monitor security measures to protect the enterprise
- Configure and troubleshoot security infrastructure devices
- Regularly review configurations and develop improvement plans
- Develop technical solutions and new security tools to help mitigate security findings
- Write comprehensive reports including assessment-based findings, outcomes and recommendations for security enhancement
- Have a general background in IT, Security, and supporting processes
- Deep experience working with compliance and regulatory frameworks such as PCI-DSS, HIPAA/HITRUST, SOX, GDPR, NIST, etc
Requirements:
- 3-5 years of experience in Enterprise Information Security Engineering
- 3-5 years of broad experience with security technologies such as NextGen AV (EDR), DLP, email security (SPF, DMARC, DKIM), web filtering, HSM, Key and Certificate management, or Identity and Access Management
- Strong, practical understanding of modern cloud IT infrastructure, networking, and security engineering concepts
- Able to troubleshoot network and security issues within a complex environment
- 3-5 years of experience in engineering solutions which meet security, compliance, and business needs
- Can commit and deliver on very specific project/delivery timelines with minimal supervision
- Able to work in an on-call rotation which may include some night and weekend shifts
- Excellent customer support skills, both written and verbal
- 3-5 years of experience with Linux and Unix operating systems
- 3-5 years of experience with securing applications and enabling secure communication through HTTPS
- Engineer, implement, and monitor security measures to protect the enterprise
- Configure and troubleshoot security infrastructure devices
- Regularly review configurations and develop improvement plans
- Develop technical solutions and new security tools to help mitigate security findings
- Write comprehensive reports including assessment-based findings, outcomes and recommendations for security enhancement
- General background in IT, Security, and supporting processes
- Deep experience working with compliance and regulatory frameworks such as PCI-DSS, HIPAA/HITRUST, SOX, GDPR, NIST, etc
- Cloud experience with AWS and Azure
- Experience working with AI/LLM Security
- Experience working with Splunk
- Experience working with CrowdStrike
- Experience with automation technologies (SOAR) and writing code for automation
- Experience working with Fortanix, Venafi, or similar