Note: The job is a remote job and is open to candidates in USA. Hibbett is a retail company seeking a Senior Security Engineer, IT to secure IT and business resources. The role involves monitoring for risks, supporting IT needs, and implementing new security models while also overseeing various security platforms and leading incident response efforts.
Responsibilities
- Oversee ZTNA and XDR platforms, handling any updates, changes, or issues related to these platforms
- Devise and architect automation of multiple IT business needs
- Oversee issues, problems, and changes related to IT certifications
- Provide thought leadership and mentoring for all IT Security personnel
- Respond to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement
- Identify and define system security requirements
- Design system security architecture and develop detailed security designs
- Design, deploy, and administer network and application security controls such as intrusion detection/prevention, vulnerability scanning, log reporting and correlation, web application scanning, endpoint protection, securing wireless networks, access controls, and encryption capabilities
- Proactively mitigate risks to the organization from emerging threats by maintaining knowledge of current technology, issues, and best practices related to information and systems security
- Plan and execute security assessments such as internal and external network penetration tests, network vulnerability scanning, website vulnerability assessments, and others. Report findings and assist with defining, designing, developing, and the implementation of any remediation plans necessary
- Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
- Utilize IT Security tools to monitor and research potential information security issues related to the systems at the organization to ensure internal security controls are appropriate and operating as intended
- Ensure the organization information technology policies are appropriate, achievable, and followed
- Participate in developing and administering appropriate sensitive information handling and storage practices
- Provide advice, evaluation, and oversight for information security training and awareness programs
- Provide guidance for IT process and technology improvements with security in mind
- Work with software development teams to create guidelines for secure development and application configuration standards. Develop testing capabilities to verify standards are followed and deployed correctly
- Protect the company's assets and financial information by ensuring the accuracy and effectiveness of internal control procedures and informing management and/or appropriate officials of potential fraud risk
- On-Call Duties: On-call within organization due to connecting with third party vendors as part of the incident response plan in order to protect the data of the organization
- Measurable Outcomes: Ensure internal/external threats (attacks) are blocked to protect the data and interests of the organization. Ensure vulnerabilities are remediated (recognize potential threats) in order to maintain security of the organization, and being prepared for incident response to meet preventative security needs and mitigate risk for the organization
Skills
- Bachelor's degree in computer science or a related field or equivalent experience
- 5 - 7 years of related experience
- Must have a thorough understanding of Linux and Windows environments
- Strong organizational skills
- Strong leadership and communication skills
- History of success in making change and achieving objectives
- Ability to work effectively in a team environment and facilitate positive interpersonal relations with coworkers
- Ability to rely on experience and judgment to plan and accomplish goals
- Ability to multitask and prioritize
- Ability to meet deadlines
- Strong technical background from a network or infrastructure perspective
- Strategic agility, analytical thinking, and risk management
- GSEC, Security+, or other related certifications preferred
Company Overview
Company H1B Sponsorship