- Facilitate and execute the enforcement and administration of the Global IT Security Program's monitoring and governance efforts.
- Perform daily operational real-time monitoring and analysis of security events, particularly suspicious/malicious activities, from multiple sources and identify unauthorized activities.
- Provide security-related on-call emergency support as defined by standard operating procedures. Participate as a Security Incident Response Team member and conduct and steward investigation activities. Work closely with other IT groups while conducting investigations.
- Review threat information, keep up to date with the latest threats, and gain an understanding of common vulnerabilities and cyber-attack techniques.
- Act as project lead for small projects or as a technical contributor to larger projects.
- Manage the vulnerability management process.
- Securing the configurations on operating environments, including networks, routers/firewalls, workstations, and mobile devices.
- Support internal and external penetration exercises, including remediation and improvement of security operations and incident response.
- Defend systems against unauthorized access and malicious activities.
- Recommend configurations and support security tools such as firewalls, anti-virus software, patch management systems, etc.
- Perform vulnerability detection, risk analyses, and security assessments.
- Identify anomalies and abnormalities and report violations.
- Respond immediately to security incidents and provide post-incident analysis.
- Train company staff in security matters as needed, from end user to leadership position.
- Provide effective communication to business leaders and end users as needed.
- Participate in any information security-related activity as directed.
- Maintain and update CASB policies.
- Develop and maintain a baseline for operating systems, applications, and network equipment.
- Maintain and update WAF policies.
- Monitor external security posture and design mitigation plans in collaboration with stakeholders.
- Collaborate with team members to learn and assist with the Application Development and Embedded Devices security program.
- Identify gaps in coverage and update policies and controls as technology evolves.
- Audit patching compliance and present metrics to reflect the current state.
- Interact with the Infrastructure team on all servers, network equipment, security posture, and applications.
- Work with InfoSec Team Members to create periodic newsletters for Cybersecurity awareness to all users based on ongoing risks observed.
- Perform Security Vendor Reviews as part of the Vendor Assessment Program
- Maintain and update the Data Loss Prevention Program.
- Maintain and update the email gateway policies based on ongoing threats.
- Audit firewall policies and work with the infrastructure team to enhance protection.
- 5+ years of IT security administration with networked systems in a medium or large business environment
- 5+ years of hands-on experience in configuring and managing servers, networks including firewalls, routers, client machines, mobile device.
- Fluency in English, written and spoken.
- Professional certification in IT security management is desirable.
- Hands-on knowledge of Infrastructure components.
- Security-related certificates from one of the following vendors are highly desired.
- ISC2
- CompTIA
- ISACA
- EC-Council
- GIAC
- Cloud Security Alliance
- OffSec
- Cisco
- Experience in mitigating risks and adverse events on web-facing applications, servers, client machines, and mobile devices.
- Experience remediating audit issues, including developing compensating controls.
- Strong knowledge of the NIST Cyber Security framework, particularly the vulnerability management process.
- Experience in designing and implementing technical security safeguards.
- Experience in developing policy-based safeguards around the use of technology and infrastructure.
- Hands-on knowledge of the following:
- Data Loss Prevention tools
- Web Application Firewalls
- SIEM tools
- Email gateways, preferably Mimecast.
- Rapid7 tools (preferred)
- Solid understanding of mail flow
- Advanced problem-solving skills.
- Excellent verbal and written communication skills
- Adaptability for learning new business concepts within new environments and staff situations.
- Close collaboration with all IT Managers and their staff is required.
- N/A
- N/A
- Regularly required to sit for extended periods of time; frequently required to stand, walk, and use business equipment on daily basis such as PC, copier, fax, telephone, etc. occasionally required to reach overhead, bend and lift objects up to 20 lbs.
- Eyesight and hearing must be correctable to standard level.
-
Security Engineer
2 weeks ago
Verdant Infotech Solutions Lewisville, United StatesFormal Job Title: Security Engineer · Terms: 6 month contract with high possibility for extension · Location: 100% remote but need to work PST hours · Status: No H1B · Interview: Video · Must have LinkedIn with profile picture on it · Important points to consider for resource ide ...
-
Lead Information Security Engineer
1 week ago
Verdant Infotech Solutions Lewisville, United StatesTitle: Lead Information Security Engineer (AZURE) · Location: Chandler, AZ. (Hybrid) · Duration: 12-month contract · Visa: GC, USC, H4 EAD (No H1B) · Interview: 2 video · Duties: · Works with the Lead Engineers of the strategy/Engineering teams along with the Authentication ...
-
Netwerk Security Engineer
1 week ago
NS Stations Denton, United StatesDaarom wil je als Netwerk Security Engineer bij NS werken · Bijdragen aan mobiliteit van Nederland binnen de diverse en uitdagende IT- en OT-landschap van NS. · Samenwerken in een Agile-omgeving met Cybersecurity afdeling, DevOps Teams en de business. · Werken aan het Netwerk va ...
-
Security Engineer
3 weeks ago
Orthofix Lewisville, United States Regular, Full timeWhy Orthofix? · We are a leading global spine and orthopedics company with a premier portfolio of biologics, innovative spinal hardware, bone growth therapies, specialized orthopedic solutions and a leading surgical navigation system. Our combined company is over 1,600 strong, wi ...
-
IT Security Engineer
1 week ago
Tanner Health System Carrollton, United States Full timeJob Description · The IT Security Engineer develops and maintains enterprise-wide security architecture and strategies for all aspects of the security domain in alignment with the business strategy and goals. He she provides technical and security expertise to IT and business te ...
-
IT Security Engineer
3 weeks ago
Paycom Grapevine, United States Full timeDescription · "> The Senior IT Security Engineer functions include daily operations of the security solutions (Firewalls, Endpoints, Cloud Security, Email Security, IDS/IPS, etc.) and the identification, investigation, and resolution of security incidents detected by those syst ...
-
Network Security Engineer
4 weeks ago
Verdant Infotech Solutions Lewisville, United StatesTitle: Network Security Engineer · Duration : Long term · Location : Columbia, MD ( Hybrid Schedule - Monday,Tuesday & Thursday onsite ) Need Local · Interview: 2 Videos · Need updated LinkedIn with profile Pic. · TOP Skills: · Requires Active Secret clearance · Five years ...
-
IT Security Engineer
2 weeks ago
Paycom Online Grapevine, United StatesThe Senior IT Security Engineer functions include daily operations of the security solutions (Firewalls, Endpoints, Cloud Security, Email Security, IDS/IPS, etc.) and the identification, investigation, and resolution of security incidents detected by those systems. The Senior IT ...
-
Security Engineer
5 days ago
Motion Recruitment Irving, United StatesTitle: Security Engineer · Location: Fort Lauderdale Florida 33394 OR Irving, Texas · Contract Duration: 12+ Months · PenTester and offensive security experience. · Strong programming background required - They don't need someone that's been an application developer but should b ...
-
Security Engineers
4 days ago
Laiba Technologies LLC Frisco, United StatesJob Description · Job DescriptionRole: - Security Engineers with Primary skills on Identity & Access Management , Vault, Cloud & Kubernetes · Location: - Frisco, TX Day 1 ONSITE · Responsible for analysis, design and implementation coordination for tool and service designs within ...
-
Security Engineer
1 week ago
MillenniumSoft Inc Frisco, United StatesJob Description · Job DescriptionRole: Security Engineer (Hashicorp Vault)Location: Frisco, TX ...
-
Security Engineer
2 weeks ago
Edge Global Frisco, United StatesJob Description · Job DescriptionHi, · Hope you are doing well, · I have a job opportunity for you as Security Engineer : Frisco, TX : Contract If you are interested share your resume ASAP. · Position : Security Engineer · Location: Frisco, TX Day 1 ONSITE · Job type : Contract · ...
-
Network Security Engineer
5 days ago
Stelvio Group Addison, United StatesNetwork Security Engineer · Addison TX (Hybrid) 3 /4 days in the office ideally · $125, % bonus · Continuous development and learning · Unlimited Vacation · Stelvio is working with a life insurance organization, which has been operating for nearly 200 years to provide one of the ...
-
Security Engineer
1 week ago
Artmac Soft LLC Denton, United StatesJob Description · Job DescriptionWho we are · Artmac Soft is a technology consulting and service-oriented IT company dedicated to providing innovative technology solutions and services to Customers. · Job Description: · Job Title : Security Engineer · Job Type : C2C/1099 · Expe ...
-
Security Engineer
3 days ago
Collabera Irving, United StatesHome · Search Jobs · Job Description · Security Engineer · Contract: Irving, Texas, US · Salary: $55.00 Per Hour · Job Code: · End Date: · Days Left: 12 days, 3 hours left · Apply · Qualification: Understanding of attack surface management tools. · Deep understanding of ...
-
Security Engineer
2 weeks ago
Motion Recruitment Partners LLC Fort Worth, United StatesFort Worth, TX company is seeking a Senior Cybersecurity Engineer to join their team for a contract opportunity. · Leverage the latest technology to solve business problems in a collaborative environment at this Fortune 500 transportation giant. Top technical resources are retai ...
-
Security Engineer
2 weeks ago
Motion Recruitment Fort Worth, United StatesFort Worth, TX company is seeking a Senior Cybersecurity Engineer to join their team for a contract opportunity. · Leverage the latest technology to solve business problems in a collaborative environment at this Fortune 500 transportation giant. Top technical resources are retai ...
-
Security Engineer
2 weeks ago
PNC Dallas, United StatesPosition Overview · At PNC, our people are our greatest differentiator and competitive advantage in the markets we serve. We are all united in delivering the best experience for our customers. We work together each day to foster an inclusive workplace culture where all of our em ...
-
Security Engineer
5 days ago
AppLab Systems Inc Dallas, United StatesHi, · Hope you are doing good... · I am · Baiju · represented to Applab Systems and I have an excellent job opportunity for you. Please find the below job description and if you are comfortable, please reply or contact me for further discussion. · Job Title: Security Enginee ...
-
Security Engineer
2 weeks ago
DerbySoft Dallas, United StatesJob Description · Job Description · About DerbySoft · Connecting different businesses together is what DerbySoft's all about. We make the travel business easier by developing intelligent technology services delivering superior performance for our customers around the globe. We' ...
Security Engineer - Lewisville, United States - Orthofix
Description
Why Orthofix?We are a leading global spine and orthopedics company with a premier portfolio of biologics, innovative spinal hardware, bone growth therapies, specialized orthopedic solutions and a leading surgical navigation system. Our combined company is over 1,600 strong, with products distributed in 68 countries worldwide and a global R&D, commercial and manufacturing footprint, and this is just the beginning
Come join our global team of dedicated professionals who through their extraordinary efforts demonstrate every day their commitment to our mission of improving the lives of patients. At SeaSpine and Orthofix our culture is built around Integrity and the core beliefs we live by: Exceed Expectations, Work Together, Be Respectful, Get Lean and Have Fun
How you'll make a difference?
This position has the primary responsibility for implementing strategic initiatives involving information technology (IT) security capabilities and technical controls globally. As directed, this position participates in the design, development, and delivery of those security capabilities within the IT department as well as facilitating or advising of controls for the business units when needed. The responsibilities also include assisting in the development of technical standards and standard operating procedures and other related governance pertinent to IT operations. This position works closely with IT operations staff (US and International) and may also interact with Finance, Operations, Sales, Compliance, Legal, Quality Assurance, Human Resources, and other areas to ensure that company information assets are protected as required by regulatory compliance at all levels, federal and state and corporate.
The Security Engineer must have strong expertise and experience in implementing and managing the Technical Security Safeguards required by HIPAA/HITECH, PCI-DSS and Sarbanes-Oxley Act, as well as responsibility and oversight securing configurations on operating environments, including networks, routers/firewalls, workstations, mobile devices. Duties will include collaboration with DBAs and web programmers for data encryption and secure programming strategies
This position primarily supports strategic initiatives involving information technology (IT) security controls. This position designs, develops, and delivers security controls across the IT systems as directed. The responsibility also includes facilitating and executing the enforcement and administration of the IT Security program's monitoring and governance efforts related to security events and support for remote and network access systems for the Orthofix office locations.
The IT Security Engineer is responsible for monitoring security systems to detect potential attacks as they occur and validating controls in business systems. This includes providing a full analysis of previous malicious attacks, using multiple infrastructure and security systems to look for suspicious or anomalous activities, and adhering to the global Orthofix incident response plan to help in the response activities.
Strong expertise and experience in implementing and managing the Technical Security Safeguards implemented by Orthofix IT Security standards are required, as well as responsibility for oversight for securing configurations on operating environments, including networks, routers/firewalls, workstations, and mobile devices.
What will your duties and responsibilities be?
The following are the essential functions of this position. This position may be responsible for performing additional duties and tasks as needed and assigned.
The requirements listed below are representative of the education, knowledge, skill and/or ability required for this position.
The education, knowledge, skills and/or abilities listed below are preferred qualifications in addition to the minimum qualifications stated above.
Education/Certifications:
The physical requirements listed in this section include but are not limited to the motor/physical abilities, skills, and/or demands required of the position in order to successfully undertake the essential duties and responsibilities of this position. In accordance with the Americans with Disabilities Act (ADA), reasonable accommodations may be made to allow qualified individuals with a disability to perform the essential functions and responsibilities of the position.
The duties listed above are intended only as representation of the essential functions of this position. The omission of specific statements of duties does not exclude them from the position if the work is similar, related, or a logical assignment to the position. The job description does not constitute an employment agreement between the employer and employee and is subject to change at the sole discretion of the employer. Nothing in this document alters an employee's at-will employment status.
We are committed to providing equal employment opportunities to all employees and applicants without regard to race (including traits historically associated with race, such as hair texture and protective hairstyles, including braids, locks, and twists), ethnicity, religion, religious creed (including religious dress and grooming practices), color, caste, sex (including childbirth, breast feeding, and related medical conditions), gender, gender identity or expression, sexual orientation, national origin, ancestry, citizenship status, uniform service member and veteran status, marital status, pregnancy, age (40 and over), protected medical condition (including cancer and genetic conditions), genetic information, disability (mental and physical), reproductive health decision-making, medical leave or other types of protected leave (requesting or approved for leave under the Family and Medical Leave Act or the California Family Rights Act), domestic violence victim status, political affiliation, or any other protected status in accordance with all applicable federal, state, and local laws.
This policy extends to all aspects of our employment practices including, but not limited to, recruiting, hiring, discipline, termination, promotions, transfers, compensation, benefits, training, leaves of absence, and other terms and conditions of employment.