Our client, a supply chain organization experiencing strong growth, is seeking an IT Security Engineer for their Atlanta office. This newly created position will play a key role on the Information Security team with responsibility for protecting and securing the organization's systems from external and internal threats. This role will be responsible for recommending, designing and building a perimeter network to defend our client's robust systems, while maintaining the integrity and confidentiality of their data. This role is a great opportunity for someone with around 5 years of experience to join an organization at the right time and have a good growth path to leadership.
The company culture is people-centric where people at all levels feel valued and excited about the organization has on its consumers. The benefits package is strong with bonus plans, good medical, dental, and vision packages as well as a 401(k) with a match. Generous holiday, vacation, and PTO programs as well as opportunities for flexible schedules and working at home options.
Responsibilities • Provide counsel and educate management, peers and users to ensure we are in compliance with regulations and all security policies and standards are followed. • Develop and maintain a comprehensive IT Security and Risk roadmap to include governance, necessary upgrades, implementation of new security systems, workforce education, documentation and necessary internal and external audits of security systems. • Architects, designs, implements, maintains and operates information system security controls and countermeasures. • Analyzes and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and monitors for compliance. • Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends. • Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders. • Administers authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets. • Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management, develops and executes plans for compliance and mitigation of risk; performs risk and compliance self-assessments, and engages and coordinates third-party risk and compliance assessments. • Analyzes and develops information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information systems. • Document security policies, training materials, and best practices. Qualifications • 5 + years of work experience in IS network and system security. • Bachelor’s Degree or equivalent work experience and/or Certifications. • Must understand and demonstrate concepts: File Integrity Monitoring, Firewalls and IPS functionality, server hardening, security incident qualifiers, risk assessment ranking, application security concepts and protocols, network level security concepts, data encryption standards and implementation. • Experience protecting medium to large systems. • Current on the latest security development, techniques, and tools. • Attention to detail and documentation. • Demonstrated ability to work well under pressure and excellent problem-solving skills. • Excellent verbal and written communication skills, both internally and customer facing. • Strong knowledge of Cisco routers and switches, Fortinet firewall and management products, network and data-center architecture design. • The ideal candidate will have extensive knowledge of LAN, WAN and cloud infiltration methods in order to plan and carry out security measures to monitor and protect sensitive data and systems consisting of physical and virtual servers, in the cloud and on-premise, Windows and Linux, personal computer and mobile devices, with locations in America and Canada. • Strong knowledge of Windows Servers, Active Directory, Group Policy, VMWare, Azure, and Office 365. • Experience with external and/or internal breaches. • Preferred Certifications: Security +, CEH, CISSP, GSEC, or SANS
We are an Equal Opportunity Employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity and/or expression, status as a veteran, and basis of disability or any other federal, state or local protected class.