IT Security Engineer

From a small family business to a multi-billion-dollar global company, Sonoco has been changing the face of products and packaging since 1899 - all while keeping the heart of "People Build Businesses" alive.

Our talented people are at the core of our growth, constantly reinventing the Sonoco wheel with brilliant solutions every year. Today we are a world leader in global packaging solutions with diversified operations in over 34 countries. We're extremely proud of our portfolio of brands, our achievements in sustainability and industrialization and the groundbreaking work accomplished by our people.

Sonoco's Global Information Security organization is a collaborative team focused on protecting Sonoco's data and technology assets from risks and threats, internal and external, while driving transformation into the business use of IT. This is our team mission, and we are passionate how we do it. The Global InfoSec organization provides full-scope information and cyber security services to Sonoco's businesses, and our collective goal is to provide safe, secure, and resilient IT services to our stakeholders.

A key part of achieving that goal is providing a modern and mature security infrastructure and engineering to support capabilities like security operations, risk management, and audit/assessment. Sonoco's InfoSec Engineering team works to develop and implement state of the art detection tools used by the InfoSec team and ensure appropriate configuration, functionality, integration, and data management within Sonoco's security infrastructure and tools.

To achieve this goal, the InfoSec organization is looking for a Security Engineer II to drive this capability forward. The objective of this position will be to bring their passion and experience to the tasks of assessing, design, development, and implementation of highly secured solutions to protect against cyberattacks. Specifically, this position will support enterprise security technology platforms, applications, and services, along with championing Sonoco standards. They will also perform monitoring, analysis, mitigation, and response to cyber threats against Sonoco technology assets, networks, and information. This individual will perform all functions to support day-to-day security engineering activities, including maintaining a broad suite of information security infrastructure, ensuring security and network infrastructure availability and integrity. This individual will participate in planning, selection, design and configuration of enterprise platforms and business systems. The global environment includes both local and wide area networks, commercial internet ingress/egress points, public facing websites and assets, mobile technologies, cloud applications and services, and on-premises hardware in a highly complex environment. This individual will be responsible for also be responsible for incident and response activities.

Key Responsibilities

Reporting to the Manager, IT Security Engineering, you will have responsibility for the following:

• Assist with the management, maintenance and overall operation of information system security controls and countermeasures, including but not limited to baselining current systems and trend analysis.
• Identify areas of improvement in the existing security toolsets being utilized at Sonoco.
• Establish and manage relations with vendor / partner organizations.
• Assist with security policy reviews, configuration standards, and 3rd-party audits.
• Oversee technical delivery, assessing and continually improving output and ensuring processes are developed and adhered to ensure operational excellence.
• Provide guidance and support for daily operational activities and requests for assistance.
• Benchmark, analyze, report on, and make recommendations for the improvement and growth of the security standards and toolsets.
• Collaborate and consult with business and technology stakeholders on current and emerging security needs in Sonoco's business.
• Assist with event and incident remediation, and cybersecurity investigation.
• Perform other job duties as required.

Qualifications

• Bachelor's degree (Engineering, Cybersecurity, IT, etc.) or relevant years of experience.
• 4+ years providing security engineering support.
• Experience designing, implementing, and measuring relevant security and technology management critical success factors, KPI's and metrics.
• Experience identifying, evaluating, recommending, and implementing processes, procedures, and technologies to enhance existing capabilities to ensure a cycle of continuous improvement.
• In depth knowledge of modern cybersecurity concepts and how to apply them.
• Ability to work in a fast-paced environment in both a team and individual setting.
• Highly responsive and proven professionalism in communication, interpersonal, analytical, and organizational skills.
• Ability to maintain in depth knowledge of security and networking infrastructure including the management and reporting of each.
• Previous experience in leading complex Information Security projects.
• Ability to work flexible hours as needed.

Competencies

• Ability to think broadly and tactically, balanced with a high attention to detail.

• Ability to make decisions and perform complex problem-solving activities under pressure.

• Technical knowledge of current network security, hardware protocols and standards.

• Ability to adapt to rapid change and work in a fast-paced / ever changing environment.

• Possess a service and solutions-oriented approach.

• Strong written, verbal and presentation skills.

• Takes responsibility and achieves results.

• Strong process-oriented individual with experience in ITIL concepts.

• Understanding of Information Security concepts surrounding corporate endpoints and applications.

• Experience in Information Security design and deployment.

• Strong experience in the following areas:

• Security Information & Event Management (SIEM) combined with Advanced Analytics (AA).

• Security Orchestration Automation & Response (SOAR).

• Privileged Access Management (PAM) and Endpoint Privilege Management (EPM).

• Cloud Access Security Broker (CASB).

• Web Application Firewall (WAF).

• O365 & Azure security.

• Vulnerability Management.

• Operational Technology (OT) security a plus.

This is a progression position, level I-II, based on current business needs.

At Sonoco Products Company, we offer a comprehensive total rewards package, including competitive pay and benefits. *Benefits listed below are for employees located in the U.S. Specific benefits and wellbeing programs may vary depending on your location (within the U.S. or global), or if you are a union employee.

Benefits

• Medical, dental, and vision coverage for you and your dependents, including FSA and HSA options
• 401(k) retirement plan with company match
• Wellbeing tools and resources to support holistic health, including an Employee Assistance Program with a variety of services
• Paid time off and holidays to recreate, rejuvenate and care for the health of yourself and family
• Variety of company paid and voluntary employee-paid insurance plans including life, personal accident, and disability insurance
• Tuition reimbursement

We are an equal opportunity employer, and we strictly prohibit and do not tolerate discrimination against employees, applicants or any other covered persons because of race, color, religion, national origin or ancestry, sex, pregnancy, sexual orientation, marital status, gender identity or expression, age, disability, genetic information, veteran status, or any legally protected characteristic.