Essential Functions
Security Engineering
• Select, implement, and support security tools and systems for preventative, detective, and analysis purposes.
• Conduct regular security assessments and red/purple team pen-tests with external vendors and with internal tooling.
• Provide high-level security engineering across application security, network security, cloud security and infrastructure security domains.
• Design, implement, and monitor security controls against CIS/NIST.
• Develop advanced threat hunting rules, playbooks, and automations. Build advanced threat intel into detection rules and analytics.
• Manage SIEM and alerting, serving as the last line of escalation for alerts and leading alert investigations across all security stack products.
• Review new projects and designs for appropriate security policies, procedures, and controls. Assist with the design of security environments for new and existing systems.
• Respond to security incidents as a first responder, lead the resolution of security issues, and perform post-resolution forensic analysis. Provide analysis and recommendations to prevent or mitigate future incidents, and work with all teams necessary to implement the recommendations.
• Research new vendor offerings and industry trends and recommend new software, process, and policy solutions.
• Create and maintain a security framework, security roadmap, security awareness program, security architecture design and documentation, and technical standards, policies, and guidelines related to security.
• Lead the security portion of regulatory and internal audits.
• Prepare and present written and verbal security reports, analysis, and summaries to the CEO, executives, and Board.
• Automate routine work and alerting.
Department Development
• Prepare and present recommendations and updates on projects, support, and future needs planning, both in writing and verbally.
• Provide mentorship to the IT staff on security-related issues.
• Locate and choose new learning opportunities to enhance and further knowledge of Department practices.
• Draft and recommend technology plans and requirements for business needs.
Other Functions
• Maintain technical proficiencies on current and prospective hardware and software.
• Establish and maintain relationships with key contacts in the community including volunteer centers and non-profit organizations.
• Participate in community events, community volunteer boards & associations.