HKS
Sr. Security Engineer
HKS, Dallas, North Carolina, United States, 28034
HKS
HKS is an award-winning global architecture, interior design, planning and advisory firm. We create places noted for their beauty and performance. Overview: Manages security operational systems responsible for threat monitoring, detection, and response. Leads efforts for vulnerability remediation and reduce overall risk. Responsible for a broad range of tasks including administration of information security tools and devices, security information and event management. Possesses and applies a broad knowledge of cyber security practices and procedures to complete assignments with integrity and creativity in collaboration with team. Anticipates job expectations and contributes to sustainable project solutions. Responsibilities: Engineers, implements, and advocates for effective security operation standards and controls, including security monitoring, threat detection, incident response, threat intelligence, vulnerability management, access management, compliance and reporting. Develops and implements a comprehensive vulnerability management program, and proactively identifies and analyzes emerging threats and vulnerabilities. Leads efforts to remediate security weaknesses and improve overall security posture. Leads incident response investigations, performs root cause analysis, and develops comprehensive incident reports. Recommends and implements improvements to incident response processes and procedures while mentoring junior team members in incident handling techniques. Leads the development, implementation, and maintenance of security documentation, including policies, standards, procedures, and guidelines. Ensures documentation is aligned with industry best practices, regulatory requirements, organizational needs, and provides guidance and training to other team members on security documentation standards. Develops and implements a comprehensive security reporting framework that aligns with business objectives and regulatory requirements. Leads the creation of executive-level security reports, providing strategic insights and recommendations to senior management. Oversees the development and maintenance of security dashboards and metrics to track key performance indicators (KPIs) and ensures that security reporting is accurate, timely, and relevant to the needs of the audience. Develops and implements a comprehensive security awareness program that aligns with industry best practices and regulatory requirements. Leads the creation of engaging and informative training content, including interactive modules, videos, and simulations. Oversees the execution of phishing campaigns and analyzes results to identify vulnerabilities and improve training effectiveness. Provides guidance and mentorship to junior engineers on developing and delivering security awareness training. Provides expert guidance and advice to other IT teams on security architecture, design, and implementation. Leads security reviews and audits of IT projects and initiatives and develops and delivers security awareness training programs for IT staff. Mentors a team responsible for incident detection, response, mitigation, and retrospection, ensuring adherence to industry standards and best practices. Champions security best practices across all IT teams and provides expert guidance to other IT teams on security architecture, design, and implementation. Leads incident response efforts, conducts in-depth analysis of complex threats, develops and implements remediation strategies while mentoring junior engineers and contributes to security documentation and process improvement. Proactively searches for indicators of compromise and escalates findings to leadership. Qualifications: B.A./B.S. degree in Computer Science or related field, or equivalent work experience. Advanced Information Security Certification (CISSP, CISM, CASP+, CySA+, CCSP) required. Typically with 6+ years of experience with cyber security incident response & remediation activities. Advanced experience regarding all layers of the OSI model. Advanced competency in Microsoft Server, Microsoft Intune, Office 365 and Microsoft Azure. Experience with logging and alerting platforms, including SIEM integration. Experience with CATO SSE Expert, CATO Advanced Security, CATO SASE Deployment and Management. Experience in MS Office Suite, including Excel, Outlook and Word. Experience with the following security solutions (Okta, Crowdstrike, Microsoft Cloud App Security, Tenable, Mimecast, Cloudflare) preferred. Knowledge of Cisco network device (managed switches and routers) configurations and management supporting both LAN and WAN architectures. Knowledge of Palo Alto firewall, Prisma and SASE environments. Proven track record of unprompted consistent improvement. Strong customer service, interpersonal skills and the ability to interact with all levels of staff. Strong work ethic and eagerness to produce high quality, accurate results. Ability to hold sensitive information with a high level of confidentiality and integrity. Ability to communicate and present ideas in a clear, concise and professional manner both verbally and in writing. Ability to proactively problem solve and apply innovative solutions. Ability to work and collaborate in a team environment, and ability to work independently and prioritize work. Ability to work on multiple projects at the same time. Ability to effectively meet deadlines at expected quality. Travel may be required. The information contained in this job description is intended to serve as a minimum requirement and guideline — not as a guarantee — for promotion to this level. Some additional criteria, qualifications or expectations may be required by service, sector or practice group. #LI-KT1 If you currently work for HKS, please submit your application via the Internal Careers Portal. HKS is an EEO/AA Employer: M/F/Disabled/Veteran.
#J-18808-Ljbffr
HKS is an award-winning global architecture, interior design, planning and advisory firm. We create places noted for their beauty and performance. Overview: Manages security operational systems responsible for threat monitoring, detection, and response. Leads efforts for vulnerability remediation and reduce overall risk. Responsible for a broad range of tasks including administration of information security tools and devices, security information and event management. Possesses and applies a broad knowledge of cyber security practices and procedures to complete assignments with integrity and creativity in collaboration with team. Anticipates job expectations and contributes to sustainable project solutions. Responsibilities: Engineers, implements, and advocates for effective security operation standards and controls, including security monitoring, threat detection, incident response, threat intelligence, vulnerability management, access management, compliance and reporting. Develops and implements a comprehensive vulnerability management program, and proactively identifies and analyzes emerging threats and vulnerabilities. Leads efforts to remediate security weaknesses and improve overall security posture. Leads incident response investigations, performs root cause analysis, and develops comprehensive incident reports. Recommends and implements improvements to incident response processes and procedures while mentoring junior team members in incident handling techniques. Leads the development, implementation, and maintenance of security documentation, including policies, standards, procedures, and guidelines. Ensures documentation is aligned with industry best practices, regulatory requirements, organizational needs, and provides guidance and training to other team members on security documentation standards. Develops and implements a comprehensive security reporting framework that aligns with business objectives and regulatory requirements. Leads the creation of executive-level security reports, providing strategic insights and recommendations to senior management. Oversees the development and maintenance of security dashboards and metrics to track key performance indicators (KPIs) and ensures that security reporting is accurate, timely, and relevant to the needs of the audience. Develops and implements a comprehensive security awareness program that aligns with industry best practices and regulatory requirements. Leads the creation of engaging and informative training content, including interactive modules, videos, and simulations. Oversees the execution of phishing campaigns and analyzes results to identify vulnerabilities and improve training effectiveness. Provides guidance and mentorship to junior engineers on developing and delivering security awareness training. Provides expert guidance and advice to other IT teams on security architecture, design, and implementation. Leads security reviews and audits of IT projects and initiatives and develops and delivers security awareness training programs for IT staff. Mentors a team responsible for incident detection, response, mitigation, and retrospection, ensuring adherence to industry standards and best practices. Champions security best practices across all IT teams and provides expert guidance to other IT teams on security architecture, design, and implementation. Leads incident response efforts, conducts in-depth analysis of complex threats, develops and implements remediation strategies while mentoring junior engineers and contributes to security documentation and process improvement. Proactively searches for indicators of compromise and escalates findings to leadership. Qualifications: B.A./B.S. degree in Computer Science or related field, or equivalent work experience. Advanced Information Security Certification (CISSP, CISM, CASP+, CySA+, CCSP) required. Typically with 6+ years of experience with cyber security incident response & remediation activities. Advanced experience regarding all layers of the OSI model. Advanced competency in Microsoft Server, Microsoft Intune, Office 365 and Microsoft Azure. Experience with logging and alerting platforms, including SIEM integration. Experience with CATO SSE Expert, CATO Advanced Security, CATO SASE Deployment and Management. Experience in MS Office Suite, including Excel, Outlook and Word. Experience with the following security solutions (Okta, Crowdstrike, Microsoft Cloud App Security, Tenable, Mimecast, Cloudflare) preferred. Knowledge of Cisco network device (managed switches and routers) configurations and management supporting both LAN and WAN architectures. Knowledge of Palo Alto firewall, Prisma and SASE environments. Proven track record of unprompted consistent improvement. Strong customer service, interpersonal skills and the ability to interact with all levels of staff. Strong work ethic and eagerness to produce high quality, accurate results. Ability to hold sensitive information with a high level of confidentiality and integrity. Ability to communicate and present ideas in a clear, concise and professional manner both verbally and in writing. Ability to proactively problem solve and apply innovative solutions. Ability to work and collaborate in a team environment, and ability to work independently and prioritize work. Ability to work on multiple projects at the same time. Ability to effectively meet deadlines at expected quality. Travel may be required. The information contained in this job description is intended to serve as a minimum requirement and guideline — not as a guarantee — for promotion to this level. Some additional criteria, qualifications or expectations may be required by service, sector or practice group. #LI-KT1 If you currently work for HKS, please submit your application via the Internal Careers Portal. HKS is an EEO/AA Employer: M/F/Disabled/Veteran.
#J-18808-Ljbffr