• Security Engineer

    Location US-TX-Austin
    Job ID
    2018-10822
    # Positions
    1
    Category (Candidate Search)
    Information Technology
    Position Type
    Permanent
    Business Group
    SolarWinds MSP
  • Overview

    This is a hands-on role that requires a strong understanding of enterprise-level security frameworks, policies, processes, and standards, and has good practical knowledge of system, network, mobile, cloud, and application security. You will help to develop, document, and enforce security standards, guidelines, processes, and procedures to support our enterprise security posture and protect SolarWind’s corporate and cloud infrastructure including:

    • Guiding the daily operational monitoring and escalation of information security events and at times functioning as an incident responder to examine security events for context, appropriateness, and criticality.
    • Administering security tools, security event monitoring, alerting, and reporting
    • Reviewing and updating our incident response process and playbooks to ensure a consistent approach and response to current & emerging threats.
    • Participating in security risk and compliance assessments for applications, infrastructure, and vendor/third parties,
    • Identifying operational security issues within the global enterprise IT environment and evaluating risk based on our enterprise risk framework.
    • Performing due diligence security assessments on third party vendors to determine the effectiveness of their controls to protect SolarWinds data.
    • Assisting with various third-party risk management initiatives and working closely with the office of the CIO and legal teams
    • Monitoring security events from automated and manual sources and handling incidents submitted via tickets, email, or phone.

    Responsibilities

    • Minimum 5 years of experience as a security administrator, engineer, or analyst in an enterprise environment
    • Bachelor’s degree in Business, Computer Science, or an Information Security related discipline; or equivalent combination of education and experience.
    • Experience with cybersecurity forensics tools and methodologies, incident response planning and playbook development
    • Strong understanding of Information security concepts such as risk management, control gap assessments, threat modeling, security automation, cloud security, security architecture, and incident response
    • Experience in implementing and enforcing security standards, policies and procedures
    • Experience in risk management, data classification, and corporate threat assessment
    • Knowledge of IT Security, Incident Response, Access Control and Authorization, including IT Governance and NIST’s Cybersecurity frameworks
    • Must be self-directed, able to manage solo projects or participate as part of a larger team and be able to manage multiple deadlines

    Qualifications

    • Technical and industry certifications or equivalent experience are a plus (CISA, CISM, CISSP, GIAC)
    • Solid understanding of cybersecurity “best practices” including principles, security protocols and standards material such as OWASP Top 10 and SANS Critical Security Controls
    • Broad understanding of the cyber security threat landscape and the tools, techniques and tactics of threat actors.
    • Solid understanding of the life cycle of network threats, attacks, attack vectors, and methods of exploitation with an understanding of intrusion set tactics, techniques, and procedures
    • Experience with on premise and cloud-based security technologies like data loss prevention, endpoint security, log and event analysis, user behavior analytics, next generation firewalls, and file integrity monitoring.
    • Knowledge of enterprise information security systems and implementation
    • Knowledge of Virtualization and Cloud security
    • Proficient in MS Excel, Word, PowerPoint and SharePoint
    • Excellent verbal and written communication skills.
    • Ability to interact confidently with all levels of technical and management client teams.
    • Must be able to promote information security as an enabler of the organization's core business processes

    Apply/Socialize Options

    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed

    Connect With Us!

    Not ready to apply? Connect with us for general consideration.