Key skills
AWSAzureGCPSDLCLeadershipProject ManagementStrategic PlanningCommunicationOWASPNetwork Security
About this role
Trulieve is one of the fastest growing companies in the nation, dedicated to providing relief to patients through their products. The Senior Information Security Engineer will be responsible for building, implementing, and maintaining enterprise security solutions, while also serving as a technical leader and point of contact for business stakeholders in advancing Trulieve's Information Security program.
Responsibilities:
- Demonstrate hands-on experience administering, tuning, and operationalizing Security and monitoring tools such as Microsoft Defender, Crowdstrike, Cisco Umbrella, etc., to strengthen detection and response capabilities
- Monitor network traffic for suspicious activity, detecting and responding to security incidents, and performing incident analysis
- Identify and address security weaknesses in the network and applications, including hardware and software vulnerabilities
- Apply security experience, document the current state of security controls, perform gap analysis and create a target state for enterprise-wide security
- Work with IT and Security leadership and cross-functional business teams to develop strategies and plans to enforce security requirements
- Participate in the security strategic planning process
- Incorporate the company's strategic goals with ongoing initiatives
- Lead security projects and work closely with other engineers, architects, and vendors to design secure, highly available production environments
- Lead security solution planning and delivery on projects
- May supervise staff indirectly in a project setting, to ensure effective and timely completion
- Proactively identify and address security risks as part of the role’s core responsibilities
- Implement security policies and assist with policy creation
- Present and explain complex technical issues to junior team members, colleagues, and management
- Serve as security subject-matter-expert across multiple technologies and ensure they align with the company security requirements
- Establish and manage appropriate business relationships
- Perform additional security tasks as assigned, such as assessments, compliance initiatives, documentation and other
Requirements:
- Bachelor's Degree – Computer Science, Engineering, Information Technology, or related discipline, or equivalent work experience
- Have 7+ years of experience in Information Security implementing security best practices, architecture, vulnerability assessments, and overall security management
- Experience and familiarity with security controls and configurations in a cloud environment such as Azure, AWS, and/or GCP
- Experience with networking technologies (routing, switching, firewalls, VLANs, subnets, etc.)
- Exposure to and knowledge of application security (authentication, authorization, data encryption, SDLC, OWASP, etc.)
- Understanding of and practical exposure to BC/DR concepts and methodologies
- Demonstrated experience overseeing the installation, configuration, and deployment of security solutions, with responsibility for end-to-end project management
- Excel in a highly dynamic environment by rapidly adapting to technological changes and delivering prompt, well-considered solutions with minimal supervision
- Demonstrate results-oriented and practical problem-solving expertise
- Exercise strong organizational skills and problem-solving expertise when working with current and emerging technologies
- Self-motivated and capable of working effectively with minimal supervision
- Can build professional relationships and have excellent communication skills
- Have a strong customer-focused mindset
- CISSP, CISM, or equivalent security certification preferred
- Cloud or network security certifications are a plus