Senior Security Engineer
Job #2458: Chameleon Technologies is searching for a hands-on Senior Security Engineer to join an IT Operations team. In this role, you will design, plan, and execute key security initiatives to protect IT systems, data, and people (internal & clients). You will partner with stakeholders at all levels of the organization, on a variety of initiatives that arise from business, compliance, and technological security needs. Initiatives on the road map include continuing education and implementing security best practices, helping to define security for our newly launched cloud-based products, rolling out an IDS Tool, penetration testing, code scanning and so much more.
If you are looking for a high impact role where you can use your security expertise and knowledge to lead and shape the future of security for a mid-size software company, this is a perfect opportunity for you!
- Help elevate security infrastructure best practices, policies, and procedures across the company.
- Oversee security for production servers, networks, endpoint devices, and corporate data.
- Analyze our security posture, identify gaps, act as a trusted subject matter expert, and work closely with other teams to ensure strong operational security.
- Lead complex security projects from design through implementation and maintenance i.e. automated tools, scripts, and deployment.
- Engage in forensic level root cause analysis to investigate security incidents.
- Ensure the company complies with all security policies and compliance requirements.
- Partner with the Compliance Team to ensure the company is compliant with SOC regulations.
- Participate in design and implementation reviews of security and infrastructure projects.
- Create and maintain documentation for security tools and services.
- Stay updated on and research current information security topics.
- Identify and recommend solutions to enhance the company’s security footprint.
- 7+ years’ experience in a hands-on information security role
- 7+ years’ experience with identity and access management systems (i.e. CA IDM, IBM IAM, SailPoint, etc.)
- Experience with Active Directory and other LDAP stores and X.500 directories
- Experience with cloud infrastructure (AWS, GCP, or equivalent)
- Experience with compliance standards e.g. PCI, SOC 2, HIPAA, ISO 27001
- Experience with log management tools such as ELK, Splunk, and SumoLogic
- Experience with vulnerability scanning tools
- Industry knowledge of security principles and applications
- Knowledge of ITIL fundamentals
- Proven experience leading security projects and working successfully on a team or independently
- Passionate about building a top-notch security program
- Solid verbal, written and interpersonal skills to enable effective cross-department communications
- Certifications like OSCP, CISSP, RHCE are a plus