Senior Information Security Engineer
In This Role, You Will…
Perform all functions required to support daily data security operations. You will support and maintain a broad suite of information security infrastructure. You will be accountable for security and networking infrastructure component availability and integrity. As the Senior Information Security Engineer, you will perform network, system, computer, and application vulnerability assessments to identify, evaluate, and mitigate security risks, threats, and vulnerabilities against the company.
- Provides technical leadership and expertise with the deployment and maintenance of Mariner Finance Information Security solutions.
- Responsible for the planning, design, installation, maintenance, and support of security safeguard technologies ranging from but not limited to: firewalls, intrusion prevention & detection systems, enterprise antivirus and patching solutions, data leakage prevention, two-factor, threat detection, vulnerability scanners, and software deployment tools.
- Works with IT staff and business units to assess risk and address security issues.
- Provides expertise and guidance around issues while recommending solutions that mitigate and eliminate risk to Mariner Finance assets.
- Defines company security requirements and reviews systems to determine if they have been designed to comply with established security standards. Develops new standards as necessary.
- Participates in forensics and post-mortem investigations of Information Security incidents while preparing report documents illustrating the findings.
- Ensures that controls are in place and managed properly to meet legal and regulatory compliance of all Mariner Finance network and system infrastructures.
- Assists in the enforcement of security policies from planning, technology safeguards and remediation for data, software applications, hardware, and telecommunications.
- Ensures the development of and adherence to industry standards and best practices for all Information Security-related responsibilities. This includes but is not limited to: datacenters, networks, telephony, systems, databases, and applications.
- Validates and tests security architecture and design solutions to produce detailed engineering specifications with recommended vendor technologies.
- Reviews and recommends the installation, modification, or replacement of hardware or software components and any configuration change(s) that affect or risk security posture.
- Leads InfoSec development, testing, and QA functions to ensure that projects are securely delivered and fulfill expectations.
- Builds and maintains relationships with teams and third parties on security development and support issues.
- Be a member of the Security Incident Response Team. Provides highest level of technical consultancy to ensure problem resolution is achieved in the shortest possible timeframe.
- May perform additional functions depending on market demand and staffing in order to provide consistent quality customer service.
- Bachelor's degree in a related discipline (Computer Science, Information Systems Management, Engineering, or similar).
- CISSP certification.
- Minimum of ten (10) years of security engineering experience, specifically in networks, systems, database, and operations. Extensive expertise in developing and supporting complex security solutions.
- Previous Network Engineering or Systems Engineering background.
- Experience using scripting languages to automate tasks and manipulate data.
- System administration experience in a Windows, Linux, and Unix environment.
- Experience securing web applications and a strong understanding of web application design, function, and Secure Software Development Lifecycle.
- In-depth understanding and working knowledge of OWASP.
- Experience deploying, supporting, and safeguarding technologies in Amazon Web Services environments.
- Experience developing technical documents and procedures, topology maps, and with various software applications.
- Experience with all aspects of high-availability, fault-tolerant architectures.
- Ability to explain complex ideas and concepts to both a technical and non-technical audience.
- Passion for providing excellent customer service.
- Ability to work in a fast-paced environment. Ability to multitask, change direction, effectively prioritize, and meet deadlines.
- Ability to occasionally adjust work schedule to meet business needs (standard forty (40) hour week, with occasional after-hours and weekend requirements).