Information Security Operations Engineer III

Members Achieve More isn't just a tagline for us, it's part of everything we do! We're looking for passionate individuals to join our team to help us maintain that focus every day. Want to work somewhere that's remained strong for 90 years, that encourages you to learn, grow, and pursue your dreams? If yes, then read on...

The Information Security Operations Engineer III focuses on preventing Technology- based crime, hacking, intentional or inadvertent modification, disclosure, or destruction to an organization's information systems and Information Technology (IT) assets and intellectual property. The Engineer hunts for threats within our ecosystem, focusing on exposure and eradication by leveraging data analysis techniques, human intuition, expert security knowledge, and proactive monitoring. The individual is responsible for ensuring the enterprise is configured in accordance with industry best practice from organizations such as NIST, SANS, OWASP, and CIS. The incumbent supports multiple security-related platforms and technologies, interfacing with others within the IT organization and other internal business units and external customers/partners. Resources to do the job require the ability to display an in-depth understanding of new trends and technologies related to IT security and compliance and contribute to the company IT security strategy and roadmap. The position reports to the Information Security Operations Manager and works closely with other areas within the Information Technology Service (ITS) organization.

Schedule: Monday- Friday 8:00am- 4:00pm or 9:00am- 5:00pm

In this position, you will

Security Monitoring and Incident Response: Monitor security alerts and logs from various sources (e.g., SIEM systems, IDS/IPS, firewalls). Investigate and respond to security incidents, including performing root cause analysis and remediation. Participate in the incident response process, including documentation and communication.

Vulnerability Management: Conduct regular vulnerability assessments and scans to identify potential security weaknesses. Work with IT teams to prioritize and remediate vulnerabilities.

Endpoint and Network Security: Implement and manage endpoint protection solutions (e.g., antivirus, anti-malware). Ensure network security through the configuration and management of firewalls, VPNs, and intrusion detection/prevention systems.

Security Tools and Technologies: Maintain and optimize security tools and technologies (e.g., SIEM, DLP, encryption tools). Assist in the evaluation and deployment of new security technologies.

Threat Intelligence and Research: Stay updated on the latest security threats and vulnerabilities through threat intelligence feeds and research. Apply threat intelligence to enhance security monitoring and defenses.

Collaboration and Communication: Collaborate with IT and other departments to ensure integrated security across systems and networks. Communicate effectively with stakeholders regarding security issues and initiatives.

Other duties as assigned.

Qualifications:

Bachelors: Business Administration/Management, Bachelors: Computer and Information Science, Bachelors: Computer Engineering (Required), Bachelors: Management Information Systems, Bachelors (Required)

Any equivalent combination of experience and education. | RequiredExperience working with SIEM systems, threat intelligence platforms, security automation and orchestration solutions, intrusion detection and prevention systems (IDS/IPS), file integrity monitoring (FIM), DLP, and other network and system monitoring tools. | RequiredProfessional security certifications such as CISSP, CEH, Security+, CISA, CCSP, CHFI, or CCNA highly recommended. | Not RequiredWorking knowledge/experience with network systems, security principles, applications, and risk and compliance initiatives such as Gramm-Leach Bliley Act (GLBA), Payment Card Industry (PCI), Sarbanes-Oxley Act (SOX), and the General Data Protection Regulation (GDPR) | Required

CCNA - Cisco Systems, CCSP - ISC2, CEH - EC-Council, Certified Information Systems Security Professional (CISSP) - ISC2, CHFI - EC-Council, CISA - ISACA, Security+ - CompTIA