In this capacity, the Senior Security Engineer will make things more secure by protecting system
boundaries, keeping computer systems and network devices hardened against attacks, and
securing highly sensitive data. Qualified candidates will have a background in cybersecurity or
systems engineering.
In this capacity, the Senior Security Engineer will:
 Identify and implement ways to harden systems and reduce the attack surface;
 Secures enterprise information by determining security requirements; planning,
implementing, and testing security systems; preparing security standards, policies, and
procedures Engineer, implement, and monitor security measures for the protection of
computer systems, network, and information;
 Integrate security tasks and activities into system development methodologies (e.g.
planning, design, implementation, operations, maintenance, and disposal);
 Identify and verify security requirements are met throughout the process;
 Work closely cross functionally with IT and business teams in driving information security
technology strategy; and
 Apply security architecture principles through the system development Lifecycle (SDLC).
Proficiencies:
 Consult on solution architecture for projects to ensure compliance with the security
technical architecture;
 Prepare and document secure system development standard operating procedures and
protocols;
 Drive and conduct system architectural reviews, secure design reviews, risk
assessments and threat assessments;
 Perform vendor technical solution acceptance verification and validation;
 Provide guidance on how systems and endpoints are managed and hardened against
security threats and vulnerabilities;
 Develop technical solutions and new security tools to help mitigate security
vulnerabilities and automate repeatable tasks;
 Assess gaps in existing policy and propose amendments to existing policy or new policy
to address these gaps;
 Participate in the development and implementation of enterprise-level technical
standards and procedural directives and other guidance materials;
 Write comprehensive reports including assessment-based findings, outcomes and
propositions for further system security enhancement;
 Participates in the development, implementation and review of security controls for the
systems under their purview;
 Coordinates with system owners to resolve security issues through system lifecycle; and
 Provides guidance and support to self-testing, security control assessment, preparation
of remediation plans, and development of continuous monitoring plans.
Qualifications:

 Have minimum of ten (10 years of experience with cybersecurity or information
assurance);
 BS degree in Computer Science or related field (required);
 Thorough understanding of the latest security principles, techniques, and protocols;
 Detailed technical knowledge of network, application, and/or operating system security;
 Hands on experience in security systems, including vulnerability management, identity
and access management, security risk assessments, application testing, etc;
 Knowledge related to endpoint and mobile security;
 Strong, track record of implementing security architecture for complex solutions and
ability to deliver results through partnering with stakeholders in IT and the business;
 Working knowledge of IT processes (i.e., ITIL) including incident, problem, defect,
change and release management; and
 Experience with secure architecture principals, secure SDLC, security system integration
and configurations, and troubleshooting.