Security Engineer - Hybrid in Pittsburgh, PA presso A.C. Coy
A.C. Coy · Pittsburgh, Stati Uniti d'America · Hybrid
- Professional
- Ufficio in Pittsburgh
Location: Hybrid, Pittsburgh, PA
Job Type: Full Time / Permanent
Work Authorization: No C2C or Sponsorship
The A.C.Coy company has an immediate opening for a Security Engineer. This role will be responsible for improving the company's security platforms while managing and improving the overall infrastructure.
Responsibilities:- Demonstrate expertise in information security solutions, operational practices, threats, and emerging technologies
- Provide Subject-matter-expertise and administer Palo Alto Panorama, PANOS, Prisma, and Wildfire solutions
- Lead and improve security event management processes, develop and execute SOP, and conduct incident response preparation, orchestration, investigation, and reporting
- Liaise with our managed security service providers and ensure continuous processes and relationship improvements and maturation
- Administer the Firm’s security solutions including, CrowdStrike EDR/NGAV, Identity Protection, and NG-SIEM, SEG, PAM/VPAM, EPM, vulnerability scanning, and other security related technology
- Develop methods and controls for migration-to-cloud strategies including CNAPP, CI/CD Pipeline, DevOps guardrails, and Azure CSP controls and monitoring
- Conduct threat and vulnerability analysis and coordinate attack surface reduction configuration implementation and patching remediation with technical stakeholders
- Maintain awareness of current and emerging threats, vulnerabilities, and vectors of attack and participate in threat modeling, analysis, and reporting
- Effectively deliver reliable and scalable solutions and services, aligned to the Firm’s client and shareholder requirements, that reduce risk and balance operational impact and usability
- Develop end user awareness training and reinforce security concepts through engagement, communication, and simulation
- Participate in security governance, develop policies, processes and procedures, measures, and metrics and ensure compliance with the Firm’s security requirements
- Deliver exceptional customer service and provide security and operational consulting, project and design support, cross-training, and troubleshooting to IT Administrators, staff, shareholders, clients, and vendors
Required Education
- Bachelor's degree in an Information Security, Computer Science, Business or Engineering related program; Advanced degree preferred.
Required Experience
- (5) years of experience in Information Security
- Knowledge and experience with varying information security processes and tools
- Ability to identify security technology risks
- Ability to visualize, plan and execute any areas of process improvement that increase the efficiency and delivery of our security capabilities
- Proficient knowledge of IP networking and public cloud security principles
- Experience managing information security platforms such as EDR, PAM, MFA, SIEM, and NGFW
- Expertise in malware detection technologies and remediation
- Experience in security event management and security incident response processes, tools, and procedures
- Expertise in the following technologies providers (or comparable): CrowdStrike, Palo Alto, Tenable, and Azure
- Expertise with network design, operation, security, and monitoring, Windows and Linux desktop/server and database security
- Experience with scripting and query languages such as python, PowerShell, CQL, and XQL
- Understanding of ISO/IEC 27001:2022 ISMS principles