Security Engineer - Identity Management

Job Summary:

For this role, we are looking for a curious and innovative Security Engineer with a passion for information security, customer service, and compliance. You will be responsible for guiding security best practices while following security frameworks such as NIST, and SOC2. You will be leading the security programs to ensure minimal risk exposure. At IGS, we take a risk-based approach to our decisions and utilize industry best practices and security frameworks to guide us along the way. We are looking for someone that is good at understanding and solving complex and ambiguous problems and constantly seek improvement.

Primary Responsibilities: Security Design and Implementation:

- Design and implement security architecture for networks, systems, and applications to protect against potential threats.

- Deploy, configure, and manage security tools and solutions, such as firewalls, antivirus software, intrusion detection/prevention systems (IDS/IPS), and SIEM platforms.

- Design and maintain secure network architectures, including segmentation, encryption, and VPN solutions to protect data in transit.

Security Operations:

- Develop and maintain scripts and automation tools to streamline security processes and improve response times.

- Analyze security data and logs to detect and investigate security incidents, including malware infections, suspicious network traffic, and unauthorized access attempts.

- Continuously monitor security tools and systems, such as firewalls, intrusion detection systems (IDS), and Security Information and Event Management (SIEM) solutions, for potential security threats and anomalies.

- Assist in managing and maintaining the security integrity of all IT systems and network architectures.

- Provide security administration for all IT Security applications and associated accounts.

- Perform regularly scheduled security reviews (e.g., technology, operations and personnel).

Incident Response:

- Build and maintain tools and infrastructure to support incident detection, response, and recovery, including forensics and log analysis.

- Respond to security incidents promptly, including analyzing the incident, containing the threat, eradicating the cause, and recovering affected systems.

- Maintain detailed documentation of security incidents, including the steps taken to resolve them, and generate comprehensive reports for management and stakeholders.

Vulnerability Assessment:

- Conduct regular vulnerability assessments and testing to identify and address security weaknesses in systems, networks, and applications.

- Analyze scan results, prioritize vulnerabilities based on risk, and collaborate with relevant teams to facilitate timely remediation efforts.

- Integrate security best practices into the software development lifecycle (SDLC), including code reviews, static and dynamic analysis, and secure coding standards.

Security Audits:

- Perform security audits to ensure compliance with internal policies, industry standards, and regulatory requirements.

- Prepare reports and recommendations based on audit findings.

Documentation:

- Maintain comprehensive documentation, including security diagrams, configurations, and standard operating processes.

Troubleshooting and Support:

- Provide multi-level support for security related issues, ensuring timely resolution.

- Collaborate with other IT teams to diagnose and resolve complex security problems.

Other Responsibilities:

- Work closely with IT and other departments to ensure security measures are integrated into all aspects of the organization's technology and operations.

- Apply knowledge of information security principles and practices.

- Ability to think strategically but willingness to handle, first-hand, the mechanics of technology services required by the business.

- Other duties and responsibilities as assigned.

Required Skills:

- Exceptional organizational skills, follow through, and multitasking abilities.

- Able to drive results with a sense of urgency relative to the end user.

- Decisiveness, good judgment, analytical/math aptitude, and problem-solving skills to act with authority and take risks in an environment with little direction from others.

- Excellent communicator with strong organizational savvy and leadership skills necessary to interface with and influence all levels of organization.

- Ability to work in a fast-paced and dynamic environment.

Minimum Education and Experience:

- Minimum of 5 years of technical experience, with at least 3 years of security focus.

- Demonstrated knowledge of, and experience in implementing security technologies and processes.

- Professional certifications within security-related areas, while not a minimum requirement, would be highly desirable.

LI-AM1

Work Authorization:

Applicants must be authorized to work in the US on a full-time basis. Unfortunately, a current or future need for sponsorship is not supported or available for this position.

Salary Range:

$87,630.00 - $140,210.00

- This range reflects base pay only. Incentive earnings, like commissions or bonuses, are not included. This role is also eligible for an annual incentive plan based on company performance.

How We Support Your Wellbeing:

Our employees are our most valuable asset. That’s why at IGS, we are committed to offering a holistic benefit program that allows employees to stay healthy, feel secure, and maintain flexibility in their wellbeing journey.

- Healthcare Essentials: Comprehensive coverage including medical (plus free telehealth), dental, vision, and employer health savings account contributions.

- Mental Wellbeing: Robust support through Headspace and free mental healthcare visits for you and your dependents.

- Family Planning Support: Extensive assistance with Maven, paid family and caregiver leave, and fertility, adoption, and surrogacy services.

- Financial Readiness: Strong financial foundation with a 401(k) plan, company match, and access to financial wellbeing tools.

- Work-Life Balance: paid time off, tuition reimbursement, paid leaves, employee hardship fund, and a wide range of additional perks.

Equal Opportunity Employment

:

It is the policy of IGS Energy to ensure equal employment opportunity in accordance with all applicable federal and state regulations and guidelines. Employment discrimination against employees and applicants due to race, color, religion, sex (including sexual harassment), national origin, disability, age, sexual orientation, gender identity, military status, and veteran status or other legally protected class under applicable law is prohibited.