Alcohol Monitoring Systems / Scram Systems - Cary, NC
posted 2 months ago
Full-time
Cary, NC
About the position
The Security Engineer will focus on security concerns for the development, implementation, operations, and ongoing analysis of SCRAM Systems security and operational infrastructure. This role is crucial for fortifying the organization's infrastructure against evolving security threats and ensuring the confidentiality, integrity, and availability of critical systems. The ideal candidate will collaborate closely with various teams to protect information systems and will have extensive experience in security operational domains.
Responsibilities
- Develop and maintain a comprehensive security strategy in alignment with organizational goals and risk tolerance.
- Review and implement security architecture for both Cloud and on-premises environments.
- Conduct security assessments to identify vulnerabilities and propose remediation measures.
- Implement advanced security monitoring and threat detection solutions to identify security incidents promptly.
- Lead incident response efforts, investigating and mitigating security breaches and cyber-attacks.
- Develop and maintain incident response plans and conduct periodic drills for the security team.
- Maintain rules on an Elastic stack SIEM for threat logging and notifications.
- Establish and enforce security controls for major cloud providers, ensuring data protection and compliance.
- Monitor and analyze cloud security logs and reports, addressing potential risks proactively.
- Harden and secure Windows and Linux-based VMs in cloud and on-premises environments.
- Implement security measures for Kubernetes clusters and containerized applications.
- Regularly audit infrastructure security and manage patching and updates.
- Design and maintain IAM solutions to control access privileges and permissions.
- Oversee access control mechanisms ensuring adherence to the principle of least privilege.
- Collaborate with internal teams to ensure compliance with relevant security standards and regulations.
- Conduct security audits, vulnerability assessments, and penetration testing as needed.
- Conduct security training sessions for technical teams to promote a security-conscious culture.
Requirements
- Proven experience as a Security Engineer in a data-sensitive industry.
- In-depth knowledge of Cloud security, including IAM, VNet, and Security Center.
- Experience securing Windows and Linux-based VMs; proficiency in Kubernetes is a plus.
- Familiarity with security compliance frameworks such as NIST, ISO 27001, and CJIS.
- Hands-on experience with security tools and technologies, such as SIEM, TVM, IDS/IPS, and firewalls.
- Excellent problem-solving skills and strategic thinking about security issues.
- Effective communication and leadership skills, with the ability to collaborate across teams.
- High level of analytical and problem-solving abilities.
- Bachelor's degree in Computer Science, Information Security, or a related field (or equivalent work experience).
Nice-to-haves
- Security and Industry certifications are a plus.
- Azure experience is not required but is a plus.
