Length: 9 months with possibility to extend
As an Infrastructure Security Engineer, you will partner directly with the client Infosec team to lead the adoption, implementation and execution of security related policies, projects, and initiatives. This position sits with the Infrastructure team but will also have a seat at the table with the Infosec team.
We’re looking for someone who is: ·
- A problem solver. You aren't afraid to go deep, experiment, learn on the fly, and do the work.
- Passionate about turning complex business requirements into working solutions that delights users.
- Humble but opinionated. You have lots of ideas, yet you are happy to shift directions when a better path emerges. You take your work much more seriously than you take yourself.
- An active collaborator. You want feedback on your work early and often, and you get a kick out of a collaborative process because it challenges you to do better work.
- Engaging beyond 1s and 0s. You understand that empathizing with our users, building relationships with your co-workers, and going deep on the product makes you a better teammate and a better engineer.
- Assess and build requirements for execution of Infosec driven initiatives.
- Understand, implement, and automate security controls, governance processes, and compliance validations
- Manage, design, integrate, and implement the Cepheid PKI infrastructure utilizing both traditional and cloud based technologies.
- Communicate requirements and effort needed to execute on security initiatives to all stakeholders.
- Perform system security administration on designated technology platforms, including operating systems, applications and network security devices, in accordance with the defined policies, standards and procedures of the organization, as well as with industry best practices and vendor guidelines.
- Perform installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems.
- Execute as an Infrastructure technical lead on small Infosec driven initiatives.
- Act as a project manager to execute larger initiatives when needed, coordinating with all stakeholders and keeping everyone informed regularly.
- Apply patches where appropriate and, at the direction of Security Architect, remove or otherwise mitigate known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards.
- Create and maintain standard work documentation for repeatable processes.
- Respond to and, where appropriate, resolve or escalate reported security incidents.
- Create and maintain documentation for all related infrastructure as needed.
- Communicate and delegate work to both on and offshore contractors to increase efficiencies.
- Assist and train others in the use of security tools, the preparation of security reports and the resolution of security issues. ·
- Track work in the Cepheid ITSM solution, Jira, and Innotas.
- Assess infrastructure initiatives to ensure they are following best practice guidelines as well as Infosec policies and procedures. ·
- Identify and propose new solutions to better our security posture.
- Partner with networking and cloud teams to provide guidance on firewall and security configurations.
- Stay up to date on the latest security trends and work with Infosec to help drive communications when needed.
TRAINING RESPONSIBILITIES: (REQUIRED)
- Complete all assigned and required training satisfactorily and on time for people managers, ensure your associates attend and complete all required trainings satisfactorily and on time.
- A minimum of 10+ years of broad IT experience
- A minimum of 5+ years of PKI Infrastructure and Key Management support
- Experience with managing vulnerability management tools and processes.
- Experience with remediating vulnerabilities on Windows and Linux operating systems, and other infrastructure assets.
- Experience working with application owners to facilitate patching and remediation activities.
- Experience with AWS and other cloud infrastructure technologies.
- Solid understanding of virtualization, server, and storage technologies.
- Solid understanding of networking concepts such as DHCP, DNS, Routing, etc.
- Solid understanding of backup technologies and processes, Commvault experience a plus.
- Experience managing and maintaining Windows and Linux servers in an enterprise environment.
- Experience working in an Agile/Scrum environment
- A keen interest in new technologies and open source
- Knowledge in Infrastructure automation, build automation and deployment automation
- Any Security and/or AWS focused certifications are a plus.
Physical requirements/abilities: (Manufacturing positions only)
- Must be able to lift 25 lbs. Must be able to stand for several hours. Work may involve repetitive arm/wrist motions.