6 months ago
SENIOR I.T. SECURITY ENGINEER
Office Support Services, LLC. (OSS) is a privately owned provider of core IT, HR and Finance services to a group of commonly owned manufacturing businesses (TECT Aerospace, TECT Power, and others). We are a dedicated and supportive group, focused on continuous improvement. Together we help our customers to efficiently produce world class products. OSS is looking for a Senior I.T. Security Engineer to fill a critical role as part of our core team, reporting directly to the OSS Senior IT Manager.
The Senior I.T. Security Engineer will be responsible for evaluating ongoing risk, designing, architecting, implementing and maintaining global security, vulnerability and patching systems and ensuring compliance to prevent loss or damage due to internal or external threats.
Excellent communication skills, experience and enthusiasm for the role are required. Candidates must be U.S. citizens and can be located anywhere in the US as this is a remote position.
Duties and Responsibilities:
The Senior I.T. Security Engineer should:
* Possess a can-do attitude with a desire to understand and solve challenges if and when they should arise.
* Be able to make decisions independently when necessary and take appropriate action to protect the assets of the business.
* Manage multiple concurrent projects, ensuring tasks are completed on time and within budget.
* Have solid knowledge of networking, including routing, advanced switching, DNS, DHCP, TLS.
* Possess a solid and demonstrated understanding of firewalls, email filters, VPN devices and other edge related security systems as well as internal systems such as end point security.
* Understand vulnerability scanning.
* Be able to identify potential risks, document and communicate weaknesses in company security posture and propose complete solutions with cost estimates to management.
* Assist in the preparation of the annual budget for all security and risk related items, including renewal, replacement or net new items.
* Stay knowledgeable of current advances in all areas of information technology concerning vulnerabilities, security breaches or malicious attacks.
* Assist in the delivery of education to end users to help prevent human risk factors.
* Communicate new or imminent threats to management.
* Ensure adequate logging and alerting is established and review logs and alerts in a timely manner, communicating concerns and issues to management where appropriate.
* Evaluate and assist in the completion of external audits and security survey requests, noting areas of non-compliance or potential improvements.
* Perform internal vulnerability assessments and lead the effort to remediate vulnerabilities with the business unit and core IT teams.
* Ensure system patching is completed in a timely manner.
* Continuously evaluate communication security, data vulnerability, business continuity and compliance risks.
* Examine employee compliance with security controls and deficiencies.
* Evaluate security policy, processes and procedures for completeness, assist with the creation of new or revision of existing policies, processes and procedures.
* Ensure that controls are adequate to protect sensitive information systems.
* Communicate recommended business continuity preparations and controls, including deficiencies, to management.
* Participate in the maintenance of the business continuity / disaster recovery plans as it pertains to risk avoidance and security.
* Manage third party assessments to help measure the effectiveness of implemented systems, policies and procedures.
* Have 10+ years of demonstrated I.T. security experience, preferably in a small team or in roles where you were solely responsible for security or core aspects of security.
* Bachelor’s degree in Engineering, Computer Science-Security emphasis
We offer a full range of benefits to full time employees, including medical, dental, vision, life, dependent life, long term disability, 401k (with co. match), paid holidays and vacations, education assistance and more.
Adhere to defense industry’s initiatives on business ethics and conduct with respect to fraud, waste, and abuse. Meet compliance requirements of TECT Business Conduct Guidelines as applicable to this position.