SENIOR SECURITY ENGINEER
Tulsa, OK, United States
Evaluate and recommend controls to mitigate information technology, security, and privacy risk. Map internal controls to appropriate established industry standards.
Identify and evaluate technology risks internally and/or at third parties, internal controls which mitigate risks, and related opportunities for internal control improvements.
Understand complex business and information technology management processes.
Assess application layer security controls to ascertain whether they comply with policies.
Maintenance and management of information security related applications.
Monitor, triage and address cybersecurity alerts reported by information security systems.
Proactively identify risks and active threats to the organization, IT systems, and applications.
Tune cybersecurity incident detection systems to provide effective security for the organization.
Perform incident response tasks including evidence preservation and other incident response actions to contain threats within the environment.
Endpoint and application hardening for risk reduction.
Perform vulnerability scans and testing, publish remediation instruction, and track resolution.
Evaluate and make recommendations to management to continuously improve cybersecurity posture.
Work closely with management to prioritize business goals and information security needs.
Automate manual system processes related to remediation and other tasks.
Draft new and maintain existing IT Security processes, procedures, and documentation.
Escalates support incidents and requests, as required, to internal staff and/or external managed service providers.
Work with both internal resources and outside vendors in accomplishing operating objectives.
Participate in knowledge sharing and cross training.
Participate in regulatory and compliance audit activities.
May be assigned other functional duties specific to the individual needs of the department.
Perform any other duties as required or assigned.