Information Technology Security Engineer

The Heritage Group is a fourth-generation, family-owned business focused on construction and materials, environmental services and specialty chemicals. The IT Security Engineer is responsible for maintaining security operations and assisting ITSS with security-related projects, designed to protect the company's sensitive data and assets.

Responsibilities:

• Design, execute, and oversee security measures to safeguard computer systems, networks, and data
• Identify security vulnerabilities, promote system security best practices, and collaborate with teams for mitigation implementation
• Security awareness training and phishing simulation campaigns
• Contribute to the design of the system security architecture
• Assist with preparing and documenting standard operating procedures and protocols
• Audit compliance with company security standards and work with team(s) to remedy noncompliance
• Configure, optimize, and troubleshoot security infrastructure devices
• Utilize current system security tools to provide security remediation recommendations and guidance to business units and ITSS teams
• Research and review new technical solutions and security tools to help mitigate security vulnerabilities and automate repeatable tasks
• Detect, investigate, and respond to security incidents with rapid communication to stakeholders
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
• Be an essential part of executing all tasks or projects as put forth in the IT security strategic plan
• Conduct vulnerability assessments and security testing on systems, networks, and applications to identify weaknesses
• Effectively communicate security risks to both technical and non-technical colleagues, highlighting potential impacts and required actions
• Stay updated with the latest trends in cybersecurity threats, and mitigation techniques

Requirements:

• Bachelor's Degree in Computer Science or related field or equivalent work experience
• minimum of 3-5 years of proven work experience as an IT Security Engineer or similar role
• experience in building and maintaining security systems
• detailed technical knowledge of database and operating system security
• hands-on experience in security systems, including firewalls, intrusion detection and prevention systems, anti-virus software, authentication systems, log management, content filtering, etc
• experience with network technologies and with system, security, and network monitoring tools
• thorough understanding of the latest security principles, techniques, and protocols
• familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols
• very high-level of self-awareness and desire to develop leadership capabilities
• ability to hold themselves and others accountable to high standards
• experience identifying and resolving issues independently
• proven analytical skills with information systems and security systems
• courage to take initiative in unfamiliar or ambiguous circumstances
• ability to gain alignment with different clients and represent a common point of view across multiple stakeholders
• excellent verbal and written communication
• problem solving skills and the ability to work under pressure
• maintains a high level of confidentiality
• Certified Information Systems Security Professional (CISSP) - Global Knowledge or equivalent certifications
• experience with Microsoft security solutions including Sentinel, Azure Information Protection, Defender for Cloud Apps, etc
• hands-on experience with Sophos, Palo Alto, Azure SSO, and LogScale
• experience with Cisco, Aruba, and Netskope
• Microsoft Azure certifications