Information Security Engineer
Broomfield, CO, United States
Overview
The Information Security Engineer will be responsible for overall cybersecurity operations, which includes tasks such as identifying threats and vulnerabilities in systems and software, then develop and implement security solutions to defend against these vulnerabilities. Work in partnership with cybersecurity engineering, IT infrastructure, and Security Operations Center (SOC) teams to ensure solutions bring measurable impact to protecting the company's assets.
What You'll Do
Manage vulnerability and patch program ensuring we meet Information Security Policy guidelines based on criticality of the vulnerability. Vulnerability programs will include traditional operating systems, application security, cloud security posture, and attack surface management
Review and analyze vulnerability data to identify trends and patterns
Develop escalation paths for vulnerabilities that fall outside of policy; ability to discuss compensating controls when not able to remediate the vulnerability fully
Ticket queue management, escalations, and operational metrics reviews for each program
Direct interaction with vendors/partners in the vulnerability management space for issues resolution and system upgrades
Must possess strong communication skills to simplify messaging to stakeholders, ranging from SME who fix the vulnerabilities, to management team through communications of metrics
#LI-MS1
What You'll Bring to the Table
Bachelor's degree in computer science or business administration preferred
5+ years of experience in an Information Technology role
3+ years of experience as IT Security Engineer with specific experience in the following:
System hardening and patch management
Security policy creation, implementation, and auditing
Network security tools management
OS, application security, and cloud security patching
Knowledge of the vulnerability management process - identification, prioritization, remediation, and reporting
In-depth knowledge exploit analysis tools
Strong knowledge of networking technologies, common protocols and services and related security issues
Knowledge and experience of Security Frameworks; NIST, ISO/IEC 27001, PCI-DSS, etc., as it applies to security policies
Working knowledge of Windows and Linux operating systems, as it pertains to patch management
Must have experience with managed security service providers
The Company is an Equal Opportunity Employer committed to a diverse and inclusive work environment.
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, or disability, or any other classification protected by law.
Title: Information Security Engineer
Salary or Pay Range: $115,000-$130,000
Workplace Persona: Connector
Pay offered will vary based on job-related factors such as location, experience, training, skills, and abilities.
This position is eligible to participate in a company incentive program.
This position is eligible for company benefits including but not limited to medical, dental, and vision coverage, life and AD&D, short and long-term disability coverage, paid time off, employee assistance, participation in a 401k program that includes company match, and many other additional voluntary benefits.
Job Category: Corporate