The security engineer is responsible for implementing, maintaining, monitoring and managing secure solutions. The engineer delivers these solutions in accordance with the organization’s architectural designs, best practices, and regulatory or compliance requirements. As risks change, the security engineer is responsible for recommending modifications and enhancements to ensure the organization is evolving with the threat landscape.
The security engineer is expected to contribute to the corporate security strategy with security leadership and other senior security staffers and technologists. Recipients of the engineer’s implementations and management include IT infrastructure, application development, security operations, security audit and end users. With an emphasis on securing systems, applications, third-party connections, service providers and ancillary systems, the security engineer is responsible for securing business-to-business initiatives, third-party relationships, outsourced solutions and vendors. Considered a highly knowledgeable individual, the security engineer is expected to implement, monitor and manage secure solutions that address modern day issues.
Essential Job Duties
Handle day-to-day implementation, monitoring and operational support of hardware, software, customer applications, managed solutions and service provider relationships.
Actively participate and lead security team meetings that facilitate secure design.
Engage in information security projects that evaluate existing security infrastructure and propose changes as defined by security leadership and architects. Additionally, deliver projects on time, within budget and in accordance with service level agreements (SLAs).
Assist with incident response and system stability issues as they occur. This may include involvement outside of regular work hours, and responsiveness is expected.
Implement solutions observing compliance – ISO 27001, TISAX, PCI, and others
Work in tandem with architects, the security operations center (SOC), incident responders (in cases of anomalous activity and host compromise), and technology infrastructure and development team members.
Respond to and handle service and escalation tickets within SLA expectations.
Develop security test plans from architectural design. Identify deficiencies and make enhancements to ensure production is not impacted.
Participate regularly in change project and change management meetings.
Research, validate and deploy solutions meeting security and business needs.
Influence the planning and execution of incident response and postmortem exercises, with a focus on creating measurable benchmarks to show progress (or deficiencies requiring additional attention).
Focus on driving security efficiencies, enabling security team members to work on more advanced tasks.
Conduct performance testing to stress the limitations of security solutions while at the same time ensuring business innovation and day-to-day processes are not negatively impacted.
Perform other duties as assigned.
Skills and Experience
cybersecurity , including compliance and risk management with a system and network security engineering background.
Highly technical and analytical expertise, with a proven deep background (preferred 5+ years’ IT experience in addition to cybersecurity) in technology design, implementation and delivery.
Experience in cloud computing technologies, including software-, infrastructure and platform-as-a-service, as well as public, private, and hybrid environments.
Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus / firewalls, in addition to newer offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration, deception technologies and application controls.
Skilled in meeting vulnerability and penetration testing requirements.
Excellence in communicating business risk from cybersecurity issues.
Experience designing, deploying and managing SIEM systems, End Point Detection and Response (EDR) systems, threat intelligence platforms, security automation and orchestration solutions, IDS/IPS, file integrity monitoring (FIM), data loss prevention (DLP) and other network and system monitoring tools.
Track record of acting with integrity, taking pride in work, seeking to excel, being curious and adaptable, and communicating effectively.
Additional Qualifications
Experience with Microsoft Azure or Amazon Web Services (AWS)
Proficient with scripting in Python, JavaScript, PowerShell, PHP or Ruby.
DevOps background with experience in compliance obligations.
Experience with one or more of the following: ISO 27001, CIS Controls, CIS Benchmarks, NIST, PCI Data Security Standard (PCI DSS), HIPAA,, the General Data Protection Regulation (GDPR).
Working knowledge of Windows, Linux and Unix.
Follow security engineering fundamentals and processes as outlined in NIST 800-160
Ability to think strategically and tactically, with effective decision-making skills.
Highly trustworthy; leads by example.
Education Requirements
Bachelor’s degree in computer science, information assurance, MIS or related field, or equivalent.
Experience Requirements
Fresher
Certification Requirements
GIAC or CISSP certification preferred.
Cerence Inc. (Nasdaq: CRNC and www.cerence.com ) is the global industry leader in creating unique, moving experiences for the automotive world. Spun out from Nuance in October 2019, Cerence is a new, independent company that has quickly gained traction as a leader in the automotive voice assistant space, working with all of the world’s leading automakers – from Ford and Fiat Chrysler to Daimler, Audi and BMW to Geely and SAIC – to transform how a car feels, responds and learns. Its track record is built on more than 20 years of industry experience and leadership and more than 325 million cars on the road today across more than 70 languages.
As Cerence looks to the future and continues an ambitious growth agenda, we need someone to join the team and help build the future of voice and AI in cars. This is an exciting opportunity to join Cerence’s passionate, dedicated, global team and be a part of meaningful innovation in a rapidly growing industry.
EQUAL OPPORTUNITY EMPLOYER
Cerence is firmly committed to Equal Employment Opportunity (EEO) and to compliance with all federal, state and local laws that prohibit employment discrimination on the basis of age, race, color, gender, gender identity, gender expression, sex, sex stereotyping, pregnancy, national origin, ancestry, religion, physical or mental disability, medical condition, marital status, citizenship status, sexual orientation, protected military or veteran status, genetic information and other protected classifications. Cerence Equal Employment Opportunity Policy Statement.
All prospective and current Employees need to remain vigilant when it comes to executing security policies in the workplace. This includes:
TELUS International is looking for an experienced and motivated Technology manager who will be responsible for overseeing and ensuring that...
Apply For This Job...
Apply For This JobIT Business Process Analyst III – 1231 Date: Jan 23, 2023 Location:Mumbai, India, 400059 Company: Teva Pharmaceuticals Job Id: 44765...
Apply For This JobAbout Company: Rosalind IT Services in the industry for the last 10+ years are majorly providing services in IT Staffing,...
Apply For This JobWho We Are We are the Data Center Services team working under the Hybrid Cloud, Infrastructure & Operations organization within...
Apply For This JobCurrently we are looking for a high energy, self-motivated Business Development Manager (BDM). Position: Business Development Manager /Account Manager for...
Apply For This Job