Our client, headquartered in the “Silicon Hills” of Austin, Texas, offers an experience as unique as the city in which it operates. The firm supports more than 1,700 independent financial advisors in delivering comprehensive securities and investment advisory services to their clients. With a culture rich in reinvention and advisor advocacy, the firm has developed integrated business management technology that, combined with its personalized consulting services, offers exceptional scale and efficiency.
As Security Engineer of Infrastructure Security and IAM, you will be responsible for creating and leading our overall approach for infrastructure security and identity on-premises and in the cloud. A successful candidate is a hands-on security technologist who is well-versed in modern SaaS SIEM logging and monitoring services, as well as modern identity architecture. This role will give the successful candidate a great opportunity to report directly to the Chief Information Security Officer (CISO) and deliver on a set of high-visibility and business-critical Cybersecurity and Technology Risk initiatives across the holdings company, as well as its subsidiaries.
You will be primarily responsible for implementing and maintaining our client’s Security Information Event Management (SIEM) platform, Security Orchestration, Automation and Response (SOAR), and Endpoint Detection and Response (EDR) capabilities. Additionally, you will drive dramatic enablement, consolidation, and automation across our client’s internal workforce (B2E) and customer identities (B2C), technologies, and processes.
The ideal candidate has a proven track record implementing complex identity strategies and architectures with legacy on-premises technology, as well as migrating to and managing modern cloud infrastructure (IaaS and PaaS), SaaS, and custom-developed customer facing applications.
Primary Responsibilities of the Senior Security Engineer
- Provides architectural oversight and technical leadership across all development and technology teams to ensure standardized and secure identity architecture.
- Ensures that adequate security solutions are in place to mitigate identified risks sufficiently and to meet business objectives and regulatory requirements.
- Partners with business application and technology teams to assess logging capabilities to enable new monitoring and alerting features.
- Sets the strategic direction of the Identity and Privileged Access Management Program, architecture, and roadmaps that enable our business objectives.
- Drives the Identity and Privileged Access Management (IAM) Program through the creation, implementation, and maintenance of processes, people, and technology.
- Escalates security events or incidents according to defined workflow and in accordance with any relevant SLAs.
- Monitors alerts generated and engages in incident and case management processes to drive remediation and root cause analysis activities.
- Promptly responds to all security incidents and provides thorough post-event analyses.
- Tunes SIEM components and correlation rules to ensure maximum reliability and reduce false positives.
- Assists in the development of playbooks to enable alerting response in a manner consistent with enterprise incident management standards.
- Conducts regular vulnerability scans and system tests to ensure continuous monitoring of network security.
- Assists in remediation and/or mitigation efforts for all vulnerabilities in the environment, ensuring appropriate response to high-risk and aged findings.
- Supports the development of security policies, standards, and plans to ensure the protection of corporate data against unauthorized use, access, modification, or destruction.
- Maintains an expert understanding of all vulnerabilities, responses, and mitigation strategies used to support cyber security operations.
- Reviews current system security measures and recommends and implements enhancements.
- Remains up-to-date with the latest security systems, standards, authentication protocols, and products.
Primary Requirements for the Senior Security Engineer
- Bachelor/Master of Cybersecurity, Computer Science, Engineering, or a related field required.
- 7+ years of experience working in an information technology discipline.
- Experience working with native Microsoft security tools (i.e., Azure Defender, Security Center, and Sentinel).
- Experience in using security information event management (SIEM) platforms, correlation logic and rules, and Windows Event Logs.
- Understanding of the security logging needs of an Azure SaaS platform and Windows-based environments.
- Broad understanding of available native cloud-based Cybersecurity technologies and third-party cloud-based ecosystem enablers.
- In-depth knowledge of security issues at many levels of a modern computing stack.
- Good working knowledge of current IT risks and experience implementing security solutions.
- Ability to interact with a broad cross-section of personnel to explain and enforce security measures.
- Experience in modern log aggregation and SIEM solutions.
- Strong experience implementing and supporting Security Orchestration, Automation, and Response (SOAR) tools.
- Knowledge of core IAM domains: Authentication, Authorization, Identity Governance, Privileged Access Management (Static and Dynamic), Customer Identity and Access Management, Lifecycle Management, Multi-Factor Authentication (MFA), Single Sign-On (SSO), and HRIS.
- Strong knowledge of authentication and directory services protocols (e.g., FIDO, OIDC, OAuth 2.0, SAML, LDAP, and ADFS).
- Not afraid to roll up their sleeves and play a hands-on role, including incident reviews and analysis.
What’s in it for you as a Senior Security Engineer with a growing company?
- Excellent salary and comprehensive benefits package for this full-time position
- A world-class team of professionals, casual work environment, and rich culture
- Challenging projects now and on the Technology Roadmap going out several years
- Career path, training support, and opportunities for advancement within
- An award-winning, stable leader in their market space that is still growing
- A solid compensation plan that includes comprehensive benefits and a bonus plan
- Full health, vision, and dental coverage, and 401(k) plans, along with a host of voluntary plans such as car insurance, legal services, and more.
- A brand-new, state-of-the-art building in Southwest Austin with a basketball court, volleyball court, baseball field, walking trails, and unlimited coffee, tea, and sparkling water!