The Senior Security Engineer serves as a subject matter expert, applying cyber security best practices and helping to develop cyber security standards for the organization. By developing partnerships with the Infrastructure and Application Development teams, the Senior Security Engineer expands the influence of the Cyber Security team, as well as provides assurance that cyber policies are being followed through frequent reviews and assessment.

The Senior Security Engineer guides, designs, coordinates, and implements cyber requirements as part of infrastructure, and application development projects. This role also identifies, recommends, and implements tools and techniques needed by the Cyber Security organization. As part of this process, it is expected that the Senior Security Engineer will be able to thoroughly document proposals, rollout plans, audit findings, and review these with senior leadership.

The Senior Security Engineer analyzes security systems and seeks improvements on a continuous basis. Adjusting the tools to continuously meet the business needs and the evolving threat landscape, performs security audits of the environment, develop remediation plans, threat mitigation plans, and propose cost effective solutions to cyber security challenges.  

• Provide strategic direction for data security, incident response, emerging cybersecurity technologies and industry best practices.
• Work with DevOps and our application developers to establish a secure on premise and cloud platforms through automated, repeatable processes.
• Work with the Application Development teams to ensure security vulnerabilities are properly understood, prioritized, remediation plans developed to address the risk, and remediated in a timely manner.
• Perform validation of security vulnerability remediation activities.
• Implement, configure, and troubleshoot security tools and devices.
• Provide configuration, maintenance, and monitoring oversight of existing network and security technologies.
• Assist in the development of security event monitoring and alerting content related to network security toolsets.
• Identify any gaps in security tool coverage of full environment (corporate and cloud).
• Identify and define system security requirements.
• Evaluate and partner with vendors to implement security solutions.
• Develops and publishes metrics and dashboards demonstrating security posture and event activity.
• Facilitate the design of configuration baselines and identify gaps and create detailed recommendations.
• Create and advocate security awareness education to facilitate the prevention of security issues and vulnerabilities and ensure secure coding practices are followed.
• Advise and contribute to the development of security policy and procedures.
• Maintain strong awareness of events in the external community to identify threats and opportunities for enhancement. Apply those learnings to design and implement solutions.
• Providing support to investigations & incident management team on matters of information security, intrusion mitigation/detection and computer forensics.
• Coordinate the delivery of executive management reports, briefings and other communication related to cyber intelligence and security.
• Create and maintain good technical documentation.

Education

• Bachelor’s degree in computer science or related field; or a minimum of 8 years of equivalent work experience and a high school diploma/GED.
• Cyber Security specific certifications preferred.

Experience/Knowledge/Skills

• 8+ years of information technology experience.
• 5+ years of experience in some combination of cloud security, infrastructure security, penetration testing, firewall management, network security, identity management, security tools, architecture review.
• 3+ years of experience working in a security engineering role.
• Solid grounding in information security principles. Deep understanding of security solutions.
• Demonstrated experience of a progressive track record of technical achievement in the Cyber Security field.
• Experience with continuous monitoring and vulnerability management tools.
• Knowledge of security frameworks, standards, and best practices, such as ISO, NIST, and COBIT.
• Experience developing and implementing security policies.
• Experience configuring proactive alert notifications and monitoring techniques.
• Demonstrated experience working with development / engineering teams to identify and remediate vulnerabilities.
• Proficiency in common vulnerability scanning tools (Nessus, Qualys, etc).
• Experience working in Cloud environments (AWS, Azure, etc).
• Experience in implementing and configuring security tools.
• An organized and attention-to-detail approach (strong tactical execution), effective problem-solving skills, and the ability to make sound decisions in a self-directed and fast-paced environment.
• Project management experience.
• Excellent communication skills (written, verbal, presentation, and interpersonal).
• Experience leading, executing and operating enterprise scoped security projects in the following domains: platform security, end point security, network security, infrastructure, cloud security, data security and threat prevention.
• Ability to interact and negotiate across departments.
• Experience with security incidents and forensic investigations.
• Knowledge of and experience with risk management and mitigation.

What’s in it for you?

The expected hiring compensation range for this position is $117,500 - $161,600 annually.

This position will work in a hybrid environment with up to 3 days in office per week.

The total compensation package for this position may include other elements, such as a sign-on bonus, long term incentives, and annual bonuses.  This role is eligible to participate in the Legal & General America Annual Incentive Plan. The current target payment for the position is 20% of base salary, modified for corporate and individual performance. Bonuses are pro-rated based on start date.  This role has 20 vacation days and 10 sick days that are accrued on a bi-weekly basis. Employees also have 9 paid holidays throughout the calendar year.

We have a competitive compensation and benefits package focused on your overall wellbeing.  Employee benefits include health, life, and dental insurance; 401K with company match up to 6% as well as a pension package; generous time off; and wellbeing initiatives throughout the year (we like doing fun stuff).  We’re big on professional development and we’ll support and mentor you in your career progression and expect you to help us pay it forward by helping us develop tomorrow's leaders and growth-focused professionals. We value our teams and our communities and believe in giving back. Enjoy time off to volunteer for those causes that matter most to you!

If hired, employee will be in an “at-will position” and the Company reserves the right to modify base salary (as well as any other discretionary payment or compensation program) at any time, including for reasons related to individual performance, Company or individual department/team performance, and market factors. The Company reserves the right to change benefits plans at any time.

We are an equal opportunity employer and value diversity at our company. We do not discriminate based on race, religion, color, national origin, sex, gender, gender expression, sexual orientation, age, marital status, veteran status, or disability status. We will ensure that individuals with disabilities are provided reasonable accommodation to participate in the job application or interview process, perform essential job functions, and receive other benefits and privileges of employment. Please contact us to request accommodation.