Saxon Global
Information Security Engineer
Saxon Global, Birmingham, Alabama, 35275
Job Title: Sr. Security Engineer Company: Hibbett Duration: Contract-to-Hire Location: 100% Onsite in Birmingham, AL Summary: The Senior Security Engineer oversees the protection of IT and business assets, monitors for risks and threats, supports diverse IT needs, and innovates new IT solutions and security frameworks. Responsibilities include managing ZTNA and XDR platforms, automating IT processes, handling IT certifications, and providing guidance and mentorship to IT Security staff. They respond to security incidents, design system security architecture, deploy robust security controls, conduct thorough security assessments, and develop new security tools. Compliance with IT policies, involvement in security training programs, advice on IT process enhancements, and collaboration on secure software development practices are also key aspects. Essential Duties and Responsibilities: Platform Oversight: Manage updates, changes, and issues concerning ZTNA and XDR platforms. Automation: Create and implement automation solutions for various IT needs. Certification Management: Supervise matters related to IT certifications. Leadership and Mentorship: Provide leadership and mentorship to IT Security personnel. Incident Response: React to information system security incidents, including investigation, countermeasures, and coordination with third-party responders. Security Design: Identify system security requirements, formulate system security architecture, and develop detailed security designs. Security Controls: Design, implement, and administer network and application security controls, such as intrusion detection/prevention, vulnerability scanning, log reporting and correlation, web application scanning, endpoint protection, wireless network security, access controls, and encryption capabilities. Risk Management: Proactively manage risks from emerging threats by staying informed about current technology and best practices. Security Assessments: Plan and conduct security assessments, such as penetration tests, vulnerability scanning, and website vulnerability assessments. Report findings and assist in creating remediation plans. Security Tool Development: Develop technical solutions and innovative security tools to address vulnerabilities and automate tasks. Monitoring and Research: Utilize IT security tools to monitor and research potential security issues affecting organizational systems. Policy Adherence: Ensure organizational compliance with appropriate and achievable IT policies. Information Handling: Assist in developing and administering practices for the secure handling and storage of sensitive information. Training and Awareness: Provide guidance on information security training and awareness initiatives. Process Enhancement: Advise on IT process and technology improvements with a focus on security. Secure Development: Collaborate with software development teams to establish guidelines and standards for secure development and application configuration. Fraud Risk Mitigation: Safeguard company assets and financial information by ensuring the effectiveness of internal control procedures and identifying potential fraud risks. Threat Mitigation: Block internal and external threats to protect organizational data and interests. Address vulnerabilities to maintain organizational security and readiness for incident response. Qualifications: Bachelor's degree in computer science or a related field, or equivalent experience. Five or more years of experience in network administration. Three or more years of experience in IT security. Strong understanding of Linux and Windows environments. Certifications like GSEC, Security, or related certifications are preferred.