Senior Security Engineer

The hiring range for this role is:

$107,666.00 - $160,000.00 This is the lowest to highest salary we, in good faith, believe we would pay for this role at the time of this posting. We may ultimately pay more or less than the hiring range and this hiring range may also be modified in the future. A candidate's position within the hiring range may be based on several factors including, but not limited to, specific competencies, relevant education, qualifications, certifications, relevant experience, skills, seniority, performance, shift, travel requirements, and business or organizational needs.This job is also eligible for annual bonus incentive pay.

We offer a comprehensive package of benefits including paid time off, 11 holidays, medical/dental/vision insurance, generous 401(k) matching, lifestyle spending account and many other benefits to eligible employees.

Note: No amount of pay is considered to be wages or compensation until such amount is earned, vested, and determinable. The amount and availability of any bonus, commission, or any other form of compensation that are allocable to a particular employee remains in the Company's sole discretion unless and until paid and may be modified at the Company's sole discretion, consistent with the law.

Job Description Summary
As a Senior Security Engineer, you will collaborate with Architects and key stakeholders to interpret and implement engineering and operational guidance within a specific security domain or program. You will contribute to multiple projects, leading the creation of comprehensive roadmaps for various projects or departments. Your role will involve championing operational excellence by designing and executing advanced process improvement initiatives. You will drive significant cost optimization efforts by identifying and implementing strategic savings opportunities. Additionally, you will enhance security risk visibility by developing and overseeing robust risk management frameworks. You will also participate in domain-related incident response efforts as needed, maintain defined security architecture, and manage domain-specific security tools. Responsibilities include but are not limited to:

• Works with Architects and key stakeholders to interpret engineering and operational guidance in a specific security domain/program and contributes to multiple projects related to it.
• Lead the creation of comprehensive roadmaps for multiple projects or departments.
• Champion operational excellence by designing and executing process improvement initiatives.
• Drive significant cost optimization efforts by identifying and implementing strategic savings opportunities.
• Enhance security risk visibility by developing and overseeing robust risk management frameworks.
• Participate in domain related incident response efforts as needed, maintain defined security architecture, and manage domain specific security tools.

Required Education, Certifications and Experience

Education
Required: Bachelor's degree in Computer Science, Information Security, or related field or equivalent work experience.

Experience

Required: 7+ years of cyber security experience

General:

• Experience implementing risk remediation prioritization and collaboration with key stakeholders to understand risk drivers and remediation blockers.
• Experience monitoring and tracking remediation efforts, staying abreast of emerging threats, and leading the design, implementation, and maintenance of domain specific toolsets.

Data Domain Role:

• Experience building, testing, implementing, and tuning policies and rulesets across our portfolio of data security tools to accurately detect, classify, track movement of, and protect sensitive data assets from unauthorized access.
• Experience collaborating with security architecture and other stakeholders as part of the Data Governance Committee and Cloud Center of Excellence ensuring that data protection capabilities are designed and implemented securely.
• Experience supporting data and cloud governance teams and other non-security stakeholders to assist with the researching, analyzing, development and implementation, of data security capabilities with a focus on protection, detection, and response.
• Experience supporting security architecture and application teams with developing controls and security monitoring for sensitive access and movement across endpoints, network, SaaS applications, and cloud platforms.
• Experience in Cyber security engineering, preferably in hybrid cloud environments with a focus on data security using automation to discover, assess, classify, tag, encrypt, and mask sensitive data.
• Experience with various data architectures, such as data warehouse, data lakes, data lakehouses, data mesh, data fabrics, and federated data, and management, and governance.
• Experience with tools and services related to IAM, data protection, software provisioning, configuration management, application deployment, network segmentation and monitoring, server monitoring and visualization, and storage, data backup, and collaboration tools.
• Experience Deploying, configuring and supporting AWS (Amazon Web Services) and hybrid cloud environments such as data focused security and privacy tools and services such as Microsoft MPIP/AIP/RMS, AWS Macie, Enterprise and Endpoint DLP, DAM, CASB, HSM, AWS Security Services IAM, KMS, Secrets Manager, AWS Firewall manager, WAF, Guard Duty and SCPs Encryption, masking, tokenization, SSO, secrets management or equivalent.
• Experience in AWS Network Services in AWS (VPC, Route Table, Security Groups, Transit Gateway, Private Link, VPC Interface Endpoint)
• Experience in AWS Management Services (e.g., CloudWatch, Lambda, AWS Config, Security Hub).
• Experience with Infrastructure and Platform Services (e.g., EC2, RDS).

Certifications
Preferred: CISSP

Knowledge, Skills, and Abilities

• Ability to plan, develop, implement, and update company's information security strategy.
• Excellent communication skills
• Excellent presentation skills that cater to technical and non-technical audiences.
• Strong analytical and problem-solving skills and ability to manage multiple projects successfully, ensuring timely and budget-friendly completion.
• Strong interpersonal skills, and the ability to influence and solve problems effectively.
• Solid understanding of HIPAA/HITRUST requirements, cloud-first security practices, and various security tools and technologies.

Financial Responsibilities
Revenue Responsibility: No

Budget Responsibility: No
People Management: No