Senior IT Security Engineer
Company: Springs Window Fashions
Location: Middleton
Posted on: May 18, 2024
Job Description:
Description
Springs Window Fashions is hiring for a Senior IT Security Engineer
based in our Middleton, WI corporate headquarters.
This is an onsite role, fully remote is not an option.
Springs Window Fashions has been part of the window treatments
industry since 1939. Headquartered in Middleton WI, we have over
8,000 associates and 18 locations worldwide. Our products are
available in nearly every major retailer, in thousands of designer
showrooms and showcased in large commercial buildings. Our company
is privately owned with products marketed across a broad portfolio
of brands including Bali, Graber, SunSetter and Mecho. We pride
ourselves as "The Best Experience Company," striving to provide the
best experience for our consumers, channel partners, and
associates.
Job Summary
Springs Window Fashions is seeking a highly motivated Senior IT
Security Engineer to join our IT Security Team. As a lead
specialist you will be leading various security programs and mentor
other Security Engineers. This position will be responsible for
implementing and managing all aspects of Cyber Security. As such,
you must have a strong & proven technical background and leverage
it to become a trusted Security Expert in the Company.
We are looking for a Senior IT Security Engineer who can design,
define, and execute the security architecture, standards,
configuration, and monitoring of services & technologies at
Springs. You will be working with a talented team of associates
with a shared mission to make Springs secure and drive our
cybersecurity success under the direction of Springs's Director of
IT Infrastructure and Security.
The Senior IT Security Engineer will provide several core functions
for the enterprise including identification, investigation, and
resolution of potential security incidents. They will Serve as the
first line of defense against threat vectors, prevent network
breach and data loss, and minimize the impact on business
operations. This role will participate in the creation and or
maintenance of policies, security metrics, standards, baselines,
guidelines, and procedures as well as conducting vulnerability
assessments and disaster recovery planning. They will handle
day-to-day security vendor relationships and work closely with all
security service providers. They lead the charge and champion
compliance and framework adherence for the IT department.
Job Duties
- Planning and design of enterprise security functions under the
direction of senior IT leadership, where appropriate
- Participate in the creation of enterprise security documents
(policies, standards, baselines, guidelines, and procedures
(GRC))
- Develop and report key security metrics
- Participate in the planning and design of an enterprise
Business Continuity Plan and Disaster Recovery Plan, under the
direction of the Business Continuity and Disaster Recovery Teams,
where appropriate.
- Security Awareness: Develop content for organization wide and
targeted security awareness training. Present relevant information
security topics through a variety of forums depending on the
audience.
- Compliance planning and implementation with focus on PCI-DSS
and SOX.
- Maintain up-to-date detailed knowledge of the IT security
industry including awareness of new or revised security solutions,
improved security processes and the development of new attacks and
threat vectors.
- Lead or manage technical system security audit efforts by
working with Compliance Team members.
- Recommend additional security solutions or enhancements to
existing security solutions to improve overall enterprise
security.
- Lead the deployment, integration, and initial configuration of
all new security solutions and of any enhancements to existing
security solutions in accordance with standard best operating
practices and in compliance with the enterprise's security
documents.
- Ensure that up-to-date baselines for the secure configuration
and operations of all in-place devices, whether they be under
direct control (i.e., security tools) or not (i.e., workstations,
servers, network devices, etc.) are maintained.
- Monitor all in-place security solutions for efficient and
appropriate operations.
- Review logs and reports of all in-place devices, whether they
be under direct control (i.e., security tools) or not (i.e.,
workstations, servers, network devices, etc.). Interpret the
implications of that activity and devise plans for appropriate
resolution.
- Participate in investigations into problematic activity.
- Perform real-time proactive security monitoring, detection and
response to security events and incidents within the enterprise
network.
- Participate and or lead in the design and execution of
vulnerability assessments, penetration tests and security
audits.
- Working technical knowledge of vulnerability and port scanning,
data loss prevention, email gateways, Web Gateways, web proxies,
URL filtering, anti-virus and other standard security
monitoring/management tools.
- Other duties as assigned
Requirements
Education and Experience
* Bachelor's degree and 3+ years of equivalent work experience
* The following certifications are recommended. Ability to obtain
CISM or CISSP with 6 months of employment.
- CISM
- CISSP
- GIAC Security Essentials (GSEC)
- GIAC Information Security Fundamentals (GISF)
This position has 24/7 responsibility for key IT Security
equipment. Must be willing to respond to incident detection and
security-based outages 24/7
Preferred Experience
- Experience with Security as a Service providers
- Experience with Python, Perl, Ruby or PowerShell
- Experience with Automation (Puppet, Chef, Ansible, etc.)
- Network Security: Firewall, IDS/IPS and threat protection
administration
- Experience with CrowdStrike EDR, Spotlight, Logscale, Identity
protection
- Experience with identity management and zero trust
identity
- Experience with cloud security technologies
Behavioral Competencies
- Ensures Accountability - Holding self and others accountable to
meet commitments
- Drive Engagement - Creating a climate where people are
motivated to do their best to help the organization achieve its
objectives
- Instill Trust - Gaining the confidence and trust of others
through honesty, integrity, and authenticity
- Drive Results - Consistently achieving results, even under
tough circumstances
- Consumer/Customer Focus - Building strong customer
relationships and delivering on customer-centric solutions
- Critical Thinking - Making Sense of complex, high quantity, and
sometimes contradictory information to effectively solve
problems
- Being Resilient - Rebounding from setbacks and adversity when
facing difficult situations
- Optimize Work Processes - Knowing the most effective and
efficient processes to get things done, with a focus on continuous
improvement
Keywords: Springs Window Fashions, Milwaukee , Senior IT Security Engineer, Engineering , Middleton, Wisconsin
Didn't find what you're looking for? Search again!
Loading more jobs...