Senior Information Security Engineer - Kansas City, United States - Dairy Farmers of America

    Dairy Farmers of America
    Dairy Farmers of America Kansas City, United States

    3 weeks ago

    Default job background
    Description

    Assist with the planning, design, and implementation of technology and procedures designed to protect the confidentiality, availability, and integrity of DFA's information assets. Responsible for performing security research; identifying vulnerabilities and threats and designing the necessary safeguards (both technical and administrative) to minimize risk and defend against potential attack; performing security assessments utilizing a variety of information security tools; managing and/or implementing systems critical to security; and providing education on information security policy and topics. Applies experience in security administration, project management, and technical infrastructure.

    Job Duties and Responsibilities

    • Act as security technical expert; provide advisory and consulting services to business and technical teams
    • Assist and/or lead the planning, creation, and management of security architecture, components, policies, processes, and standards for all applicable platforms and environments to influence IT services decision making
    • Conduct complex security architecture design and analysis of on-premise and cloud-based networks, systems, applications, third-party integrations and other technologies to identify risks and provide guidance on strategies for mitigating those risks
    • Design, deploy, and manage enterprise security tools including, but not limited to log management (SIEM), antivirus, intrusion prevention, data leak prevention, network access control, vulnerability scanning and remediation, etc.
    • Perform and/or analyze vulnerability scans and penetration tests to direct other parties in properly mitigating vulnerabilities. Support both internal and external penetration testing and validation of security control effectiveness
    • Maintain updated baseline security configuration standards for operating systems (OS hardening), network segmentation, and access controls in conjunction with industry best practices and applicable compliance requirements
    • Create and maintain high quality documentation for current and proposed security architecture, standards, procedures and technical configurations
    • Support achievement of Information Security's strategic objectives by ensuring policies, processes and standard controls are adopted and applied consistently across all locations
    • Determine security requirements by evaluating business strategies and requirements, researching information security standards, conducting risk and gap assessments, and studying architecture/platforms and processes
    • Research, recommend, and/or develop new or improved tools or relationships to enhance security services, information intelligence and analytics
    • Ensure that all acquired or developed security systems and security architectures integrate with enterprise security architecture
    • Proactively identify threats and vulnerabilities, and collection, correlate and analyze data to detect potential unauthorized system accesses
    • Participate andor lead investigation efforts to determine root causes and appropriate response actions
    • Continually stay informed on security and technology issues and emerging threats that could impact the business and communicate these issues within the security team and other appropriate audiences
    • Assist in developing and implementing security awareness and technical training efforts
    • The requirements herein are intended to describe the general nature and level of work performed by employee, but is not a complete list of responsibilities, duties, and skills required. Other duties may be assigned.