Information Security Operations Engineer, Sr.

DMBA provides a variety of benefits including health, life, and retirement to employees of the Church of Jesus Christ of Latter-day Saints and its affiliates. DMBA began operations in 1970 and is now in its 56th year of supporting the Church of Jesus Christ of Latter-day Saints and its mission.

Position Summary:

DMBA is looking for a Sr Information Security Operations Engineer to join the Information Security Team. The Information Security Team reports to the Chief Technology Officer and is responsible for the Information security program. This technical operations role will support various Information security observability and response projects to safeguard sensitive business information.

Candidate must reside within a commutable distance to downtown Salt Lake City, Utah.

Responsibilities:

• Help define and implement a comprehensive observability function to identify, detect, and respond to cybersecurity attacks and incidents
• Serve as an authority on security information and event management (SIEM)
• Evaluate company attack surface to detect misconfigurations, vulnerabilities, or weaknesses requiring mitigation
• Partner with MDR service to enhance, improve, and mature information security capabilities
• Implement compliance and business requirements regarding audit logging and monitoring
• Lead incident response efforts to reduce attacker dwell time and mature response capabilities
• Participate in incident response tabletop exercises to identify gaps and implement solutions
• Identify and monitor for IOCs and IOAs to rapidly respond to anomalous or malicious activities
• Participate in developing a threat intelligence and threat hunting function to identify potential threats and monitor for malicious activity
• Evaluate and implement solutions to identify anomalous and malicious traffic in various technologies and platforms including: M365, AWS, APIs, web applications, and emergent technologies
• Help define procedures to formalize and mature security operations
• Support various security projects and participate in solution selection and enhancement discussions
• Be an active participant in building the information security program by evaluating and suggesting new solutions and ideas and championing the information security program

Qualifications and Experience:

• 4-year Bachelor's degree or equivalent experience
• 3-5 years of technical IT and information security experience
• Strong understanding of information security best practices and security frameworks (NIST CSF, ISO 27001, ISO27005, CIS Controls, HITRUST, etc.)
• Deep knowledge of databases, common operating systems (Windows/Linux), networking, application, and cloud environments
• CySA+, CEH, Splunk Enterprise Certified, or equivalent information security training and expertise
• Experience with HIPAA, DOL Information security best practices, international, federal, and state privacy laws
• Deep knowledge of security solutions (Firewall, WAF, Vulnerability Scanning, XDR, endpoint, PAM, etc.)
• Experience with Microsoft 365, Palo Alto, AWS, and other common platforms and technologies

Other Qualifications:

• Ability to work with various IT and Business teams to address sensitive topics and risk
• Strong management and business communication skills
• Deep technical understanding and ability to apply it to complex technical and business solutions
• Expertise in project management and prioritization
• Highly motivated team player with a desire to improve the information security program
• Work in a hybrid remote work and office work environment

What We Offer:

• Competitive pay
• Rich medical, vision and dental benefits with low premiums. One of the top health plans in Utah
• Rich retirement planning: including 401(k) company match, 8% EDRC Employer Discretionary Retirement Contribution (we just give you free money for retirement), life insurance, and full service Financial Planners onsite at no cost
• Generous paid leave plan that starts accruing your first day, your birthday off, additional sick leave and 12 paid holidays
• Award winning wellness program with health coaching, ability to earn 3 additional days off a year, fun activities and an onsite gym.
• Tuition reimbursement
• Career development through company sponsored programs and over 5000 on-demand online training courses.
• Hybrid work schedules available depending on position
• Employee Assistance Program