The Security Engineer will collaborate with teams to design fine-grained technical controls around access to sensitive datasets and ensure their compliance with the regulatory requirements while providing strong technical support, enabling technical decisions to be made with confidence and at pace.
This role generally works a standard business week, but occasional weekend work / out of hours may be required.
Responsibilities (Other duties may be assigned.)
Carry out Host-Based Vulnerability Assessments
Drive the remediation of identified vulnerabilities across multiple departments.
Responsible for monitoring and responding to alerts
Support incident response in case of a security breach
Support and continuously enhance our existing security services for Cloud
Collaborate across multiple teams to remove blockers to drive forward implementation
Work with internal and external support teams
Education and/or Experience
College degree or equivalent work experience
7-10 years in Information Technology, with a comprehensive Security Operational background
Experience with security frameworks (NIST, MITRE, CIS, ISO SOC2)
Hands-on experience with the configuration of cloud technologies
Knowledge, Skills and Abilities
Extensive knowledge of cloud operations and automation
Extensive knowledge of key security practices in access control, application security, network security, and security strategy
Knowledge of regulatory data requirements in the cloud, aligned with HIPAA, GDPR or other compliance standards
Basic understanding of containerization technology
Have a strong knowledge of privileged access management, vulnerability management, and threat intelligence
Build multilayer working relationships with both technical and business stakeholders, gaining their respect and trust based on your knowledge and professionalism
Strong root cause analysis, problem-solving, and analytical skills
Excellent communication and analytical skills for incident and problem management as well as stakeholder management
Ability to effectively document operational process and procedures
Technical Skills
Basic understanding of DevOps tools (GitHub, Jenkins, Nexus, Ansible, etc.)
Excellent understanding of Amazon Web Services (AWS) the AWS shared responsibility model, KMS, CloudTrail, CloudWatch, CloudFormation ,Lambda and GuardDuty
Extensive knowledge of SIEM and SOAR tooling
Proficient in Linux, Node.js, YAML and JSON
Language Skills
Ability to speak the English language proficiently, both verbally and in writing.
Travel Requirements
This position may require up to 10% travel based on business need.
Work Environment
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Employee works primarily in a home office environment.
The home office must be a well-defined work area, separate from normal domestic activity and complete with all essential technology including, but not limited to; separate phone, scanner, printer, computer, etc. as required in order to effectively perform their duties.
Work Requirements
Compliance with all relevant FINEOS Global policies and procedures related to Quality, Security, Safety, Business Continuity, and Environmental systems.
Travel and fieldwork, including international travel may be required. Therefore, employee must possess, or be able to acquire a valid passport.
Must be legally eligible to work in the country in which you are hired.