Title:  IT Security Engineer - Remote

Summary:

The Security Engineer will plan, engineer, and maintain security platforms necessary to secure and monitor the global DFIN enterprise. Provide subject matter expertise for a variety of technology projects, with an emphasis on security technology. Partner with internal and external business partners as necessary to provide security assurance, alerting and monitoring against cyber related attacks and activities that could result in inappropriate and/or unauthorized disclosure of Company and/or Customer information; or negatively impact the reputation of DFIN and/or our customers. Provide operational support for security infrastructure.  Proactively identify security vulnerabilities and mitigation opportunities within the security architecture. Deliver an Ideal Customer Experience always by executing with quality and excellence. Demonstrate an aptitude for maintaining strong security market awareness as well as to recommend, implement, and manage cutting-edge technologies.  

Responsibilities:

Support

• Identify changes needed in Security architecture design and configurations necessary to achieve the technology organization goals.
• Configure and troubleshoot security architecture platforms
• Performs monitoring, periodic reports and reviews, and follow-up activities to ensure that the security systems are operational, effective and in compliance with all policies and standards.
• Analyzes system response and determines tuning recommendations to improve performance, adhere to capacity management expectations, and provide performance management reporting. 
• Manage effective issue identification and resolution processes; Serve as an escalation point for all security operations issues with a degree of quality that results in absolute root-cause determination and drive vendor partners to provide quality assurances by requiring immediate bug fixes, software updates, etc., as necessary to ensure an Ideal Customer Experience at all times. 
• Perform capacity planning and develop KPIs of all systems and storage environments; ensure that upgrades are completed on a standardized basis.
• Oversees and/or audits the security of databases and data transferred both internally and externally.
• Ensure endpoint monitoring adheres to DFIN governance and compliance policies.
• Create and maintain documentation as it relates to cyber security platforms, design, configuration, support and processes.
• Perform 24x7x365 advanced tier 1-3 support, to include but not limited to: troubleshooting, off-hour maintenance activities, problem resolution, and on-call rotation while ensuring all activities will adhere to DFIN Change Management policy.
• Performs other related duties and participates in special projects as assigned.

Engineering

• Conduct high-level and low-level designs for security infrastructure projects.
• Interact with partner organizations/departments to design solutions or reports for our security infrastructure
• Design and develop solutions and security requirements based on business unit needs; make recommendations on investments in security hardware and services.
• Evaluate new technologies and recommend future strategy to leadership.
• Develop solutions to ensure security incident and event management (SIEM) data is collected, stored, filtered/indexed, analyzed, and properly monitored/alerted.
• Develop and deliver cross-training activities
• Participates in and encourages a knowledge-sharing environment both within and outside the department
• Develop and maintain knowledge of internal security infrastructure, operations, and devices

Qualifications:

• Minimum of 2 years working knowledge of a major scripting language
• Minimum of 2 years of working knowledge in network management and troubleshooting tools
• Working knowledge of O365, Visio, G-suite, Lucid Charts
• Minimum of 2 years of working knowledge of public (Azure, AWS), SaaS Products and private cloud
• Excellent written and verbal communication skills
• Travel required (+/-5%)

Preferred Qualifications:

• Requires minimal supervision to perform job duties.
• Experience with Major Cloud providers- especially Azure and AWS.
• Experience with Network Access Controls (NAC). 
• Experience with Carbon Black Cloud or EDR
• Familiar with Windows Event Collector (WEC)
• Experience with Splunk
• Experience with Linux systems
• Familiar with container-based technology such as Docker or Kubernetes
• Familiar with log collection and ingestion processes and technology
• Proficiency in networking technologies, network security, and network monitoring solutions.
• Familiar in scripting languages like PowerShell, bash, Perl and python.
• Bachelor’s degree in related technical / business areas is preferred
• CISSP or other relevant certification preferred