Security Application Engineer

  • Location: McKinney, 75070
  • Job Type: Permanent

Posted about 1 month ago

Our growing DFW-based client is seeking an experienced, hands-on Security Engineer to be based out of their Corporate Headquarters in North Texas. This person will be responsible for all ongoing activities related to the availability, integrity and confidentiality of employee and business information in compliance with the client's security policies and procedures, regulations and law.

Education and Work Experience

  • Demonstrated and proven technical and operational management experience or equivalent experience. Ability to assess, analyze, and propose efficient and cost-effective solutions to identified risks. Policy and procedure writing experience required. Strong interpersonal skills, strong organizational skills, a positive attitude, and customer service orientation.
  • Minimum of five (5) years in an information security role, information security or IT operations with technical knowledge and hands-on experience in information technology areas such as:
    • Implementation/Administration w/ Information Security Tools
    • Penetration Testing
    • Information Security Incident Handling
    • Information Security risk assessment, risk mitigation and incident response experience
    • Cloud Security framework (Azure, AWS, tools like wiz.io)
    • Identity Access and Authentication (Microsoft AD, Office 365)
    • Internet Security (Zscaler or other tools)
    • Data Loss Prevention (Zscaler or other tools)
    • Email Security (Proofpoint)
    • SIEM Solutions like Splunk, Sumo Logic
    • Network Security and Firewalls (Palo Alto)
    • Multi-factor authentication and Single Sign-On capabilities (Okta, Ping Identity)
    • Vulnerability Management tools (Tenable, Qualys)

Preferred Qualifications

CISSP, CISM, CISA, and/or certifications preferred or working to achieve; Knowledge of relevant systems and tools such as: directory services, firewalls, user provisioning, identity and access management, auditing, cloud security, endpoint protection, GRC, SIEM

Duties and Responsibilities

  • Respond to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interact and coordinate with third-party incident responders, including law enforcement
  • Develop information security plans and policies. Develop a set of security standards and best practices for the organization, and recommend security enhancements to management as needed
  • Defining technical and non-technical information security standards; i.e. PCI Compliance, NIST CSF, procedures and guidelines in accord with compliance and regulatory requirements;
  • Perform technical security control assessments, baseline validations to identify vulnerabilities, and control deficiencies as part of continuous monitoring program. Measuring, analyzing, and reporting on information security metrics and incidents
  • Supporting Information Asset Owners (IAOs) and SRS Leadership in the definition and implementation of controls, processes, and supporting tools to comply with the policies and manage information security risks
  • Monitoring compliance with the client's security policies and procedures among employees, contractors, alliances and other third parties and taking corrective action when necessary;
  • Managing information security incident response, supporting IAOs in the investigation and remediation of incidents or other policy violations;
  • Organizing and maintaining security awareness campaigns for personnel to enhance the security culture at the client.
  • Assisting with the development of disaster recovery and business continuity plans for information systems and testing readiness
  • Monitoring advancements in information security technologies, changes in legislation, and accreditation standards that affect the organization
  • Provide Subject Matter Expert (SME) support for development and review of security configuration standards for the client's systems, users, and environment including compliance requirements and other supporting platforms/systems.
  • Serve as an internal information security consultant to the organization
  • Up to 10% travel.