Description:

The IT Security Engineer is responsible for executing cybersecurity operational procedures to prevent, identify, remediate, and report on potential security incidents.
The role involves continually assessing the organization's security posture against the evolving cyber threat landscape.
Key duties include monitoring ticket queues, security telemetry, and threat feeds to identify and remediate potential security incidents.
The engineer will prioritize and oversee the remediation of vulnerability, pentest, and security assessment findings.
Responsibilities also include configuring and maintaining security devices, systems, and tooling according to best practices.
The engineer will routinely assess network and cloud security posture against best practices.
Investigating and responding to email phishing alerts and quarantine release requests is part of the role.
The engineer will enhance JSSI's Security Awareness Training program and lead a portfolio of cybersecurity initiatives to improve the organization's security posture.
Establishing and reporting on key security metrics, documenting operational procedures, and contributing to incident response planning are also required.
The role includes responding to information security audit requests and collaborating with other IT professionals on cybersecurity best practices.
Participation in after-hours on-call rotation to respond to critical security alerts is expected.
Other duties may be assigned as needed.

Requirements:

A minimum of 5 years' experience in Information Technology roles is required.
At least 3 years' experience working as a SOC analyst or in a similar role is necessary.
A Bachelor's degree in Computer Science, Information Security, or a related field is required.
Cybersecurity certifications such as CISSP, CISM, or CEH are highly valued.
Excellent written and verbal communication skills are essential.
Candidates must demonstrate detail orientation and strong analytical problem-solving abilities.
The ability to effectively prioritize tasks and projects in a fast-paced environment is required.
In-depth knowledge of networking protocols and experience configuring network security devices such as firewalls and IDS/IPS is necessary.
Experience with EDR and XDR services is required.
Familiarity with the Microsoft Defender Security suite is strongly preferred.
Scripting/query language experience such as Bash, PowerShell, or KQL is needed.
Hands-on experience setting up and querying SIEM tools such as Sumo Logic is required.
Knowledge of data privacy and compliance regulations, as well as cybersecurity frameworks such as ISO 27001 and NIST, is necessary.

The annual base pay for this role generally ranges from $120,000 to $125,000, with the final offer determined by various factors including market location and experience.
The total rewards package may include an annual discretionary bonus plan, incentive or sales bonus plan, or other forms of additional compensation based on the role.
Full-time employees based in the USA, Canada, or the Philippines are offered a robust suite of benefits starting from day one of employment.
Benefits include insurance offerings such as medical, dental, vision, and retirement savings programs.
For a full overview of the benefits offerings, candidates are encouraged to visit the JSSI Benefits Page on the company website.