The IT Security SOC Engineer will be responsible for leading or supporting activities related to the “Enterprise Privacy and Information Security” program. Specifically, this individual will act according to direction provided by the Sr. Manager, Information Security, Data and Privacy in connection with providing research, design, implementation, and daily operational support related to the following key areas of concern:
o Cloud Security
o Application Security
o Infrastructure Security
o Endpoint and Mobile Device Security
KEY RESPONSIBILITIES/DAILY DUTIES
The IT Security Engineer will be tasked with the following responsibilities/duties, all in accordance with applicable Federal, State and local laws / regulations as well as ratified policies, procedures, and guidelines:
o Developing strategies to respond to and recover from a security breach.
o Developing or implementing open-source/third-party tools to assist in detection, prevention and analysis of security threats.
o Implementing robust/scalable protection solutions related to the specific InfoSec needs of KCC.
o Installing and managing use of firewalls, data encryption, and other security products and procedures.
o Conducting periodic internal network scans to find and mitigate existing vulnerabilities.
o Conducting (or overseeing/parsing results of) mandated penetration testing on an annual basis.
o Investigating possible data security events/incidents.
o Leading Incident Response, including steps to minimize the impact of an InfoSec event or incident and being prepared to conduct full-scale post-breach response/recovery activities if necessary.
o Assist in developing and implementing Security Operations Center CONOPs, Operating Model, and Deployment plan.
o Develop and update operational processes and operating procedures.
o Coordinate activities to ensure integration of the operational processes and operating procedures.
o Work with internal technology teams to mitigate cyber risk and threats
o Identify opportunities for efficiencies in work process and innovative approaches to completing scope of work
o Participate in team problem solving efforts and offer ideas to solve issues
o Conduct relevant research, data analysis, and create reports
o Maintain responsibility for completion and accuracy of work products
o Assist in proposal development, as requested
o Actively expand skills and professional development through training courses, mentoring, and daily interaction with peers & team members
EDUCATION, CERTIFICATIONS, AND TRAINING
1. Bachelor’s degree or equivalent work experience required.
2. Minimum of 7 years of relevant experience in consumer finance and manufacturing environments preferred.
3. Minimum of 10 years in IT Operations and / or Security roles.
4. Relevant technical certifications (such as CISSP, CRISC, SSCP, CompTIA Security+, CASP, CCNA Security, GIAC, GSEC) are desirable, or willingness to obtain a relevant certification within 1 year of employment would be ideal.
SKILLS AND BACKGROUND:
o Familiarity with industry frameworks and standards, such as ISO 27002, NIST-SP, COBIT and SSAE18, etc.
o Knowledge of and experience with Federal security regulations, standards, and processes including FISMA, FIPS, NIST, and FedRAMP
o Familiarity with Threat Intelligence and security operations processes and procedures development
o Working knowledge of network infrastructure and security monitoring tools
o Experience with network penetration testing and remediation
o Experience configuring web security appliances in accordance with company security policies
o Ability to scope and perform risk assessments
o Experience with SIEM technologies
o Experience with Managed Security Service vendors and technology
o General fundamental knowledge of Azure cloud computing infrastructure and security
o Ability to work independently and solve problems as they arise
o Ability to handle confidential and sensitive information with integrity
o Ability to continuously learn new technologies
o Excellent verbal and written communications skills