Security Solution Engineer at The Judge Group Inc. in Philadelphia, Pennsylvania

Job Description:

Location: REMOTE

Salary: $110,000.00 USD Annually - $140,000.00 USD Annually

Description:

Security Solutions Engineer




Responsibilities:

• Design and develop security solutions and controls for complex environments, ensuring seamless integration of security controls and compliance requirements.


• Collaborate with stakeholders to understand business needs and translate them into effective security solutions and controls.


• Evaluate, deploy, and configure security tools and technologies to enhance the organization's security posture. Provide security control expertise and design concepts to IT teams.


• Partner with vendors and internal teams to assess and optimize security solutions and products, maximizing their value and effectiveness.


• Assess existing solutions, threat landscapes, and market capabilities, proposing changes to improve effectiveness, cost efficiency, and overall security.


• Maintain accurate and up-to-date documentation of security controls, configurations, and procedures.


• Research and recommend enterprise-level security products and technologies aligned with organizational goals.


• Lead the implementation and deployment of enterprise security solutions, including configuration, fine-tuning of security controls, and integration with existing systems.


• Create comprehensive documentation, such as design documents, installation guides, and operational procedures, to support solution deployment and maintenance. Provide training to relevant teams.


• Stay informed about the latest security trends, threats, and technologies through ongoing research and professional development. Proactively identify areas for security posture improvement and recommend enhancements to policies and procedures.


• Lead escalated Incident Response activities as a Subject Matter Expert throughout the Incident Response life cycle.


• Support ongoing administration, design, and use of security tools.


• Continuously learn and adapt to evolving security challenges by staying updated on the latest trends, technologies, and threats.


• Advise management on best practices, current trends, and relevant changes in internal and external threats, presenting action plans for mitigations and implementations.


• Perform enterprise-scale control assessments based on Tactics, Techniques, and Procedures (TTPs) and threat reports from information sharing organizations (e.g., US-CERT, FS-ISAC). Recommend and apply adaptive security measures based on investigative findings and threat monitoring.


• Collaborate with cross-functional teams (IT, engineering, business units) to achieve common security objectives and drive security initiatives forward.


• Partner with Development and DevOps teams to integrate security controls.


• Provide guidance and support to peers and junior staff.


• Perform other duties and special projects as assigned.

Relevant Work Experience:

• 6-8 years of combined Information Security and Technical Engineering Experience.


• Strong knowledge of operating systems, networking, cloud, and security platform tools. This includes assessing, designing, implementing, and maintaining systems and security controls.


• Familiarity with common information security management frameworks, such as MITRE ATT&CK, NIST Cyber Security Framework, NIST 800-53, CIS Critical Security Controls, and ISO 27001/27002.


• Robust technical expertise in security operations and related areas within IT departments (Infrastructure, Engineering, Networking, or Development).


• Experience securing cloud workloads primarily in Azure and implementing security controls in a cloud-native or hybrid architecture with public facing services.


• Strong proficiency in scripting and programming languages, such as Python or PowerShell.


• Knowledge of evaluating OWASP and integrating security controls into DevOps and Developer pipelines


• Bachelor's degree in Information Security, Computer Science, Information Systems or relevant work experience.


• Security certifications such as Security+/GSEC/CISSP/other GIAC or advanced technical certifications are a plus but not required.

Contact: rgirling@judge.com


This job and many more are available through The Judge Group. Find us on the web at www.judge.com Apply Now