Lead Security Engineer
Location: Rockville, Maryland - Remote
Employment Type: Contract To Hire
Job ID: 15337
Date Added: 05/26/2023
Lead Security Engineer serves across all areas of IT security to help inform and defend the business, protect brand reputation, monitor application, host, and network threats, including external threat actors and rogue insiders. As a trusted member of the cybersecurity team and industry community, the engineer works closely with internal technical teams, business units and external entities aligned with the business. This role requires coordination of incident response activities across the company and working closely with stakeholders and information security team members. Additionally, this job function requires engagement in suspected and confirmed incidents, which may vary in impact. The Lead Security Engineer will investigate, validate, and communicate known details about various cybersecurity events and work closely with cybersecurity leadership.
-Monitor the effectiveness of day-to-day technical security operations within the organization and recommend suitable and corrective measures.
-Minimize the risk of external attacks and internal threats by guiding, implementing, and maintaining proper security posture.
-Lead the identification, evaluation, and recommendation of new security technologies, techniques, and tools.
-Engage vendors to establish relationships, evaluate, procure, and implement various IT security related technologies.
-Strong technical ability to lead numerous internal and external engagements.
-Identify and research new industry trends.
-Respond to security incidents and escalations.
-Actively hunt for exposures and identify incidents warranting action to disrupt and remediate threats.
-Serve as a team lead and point of contact for incident response analysts, security teams and management.
-Improve efficiencies using automation and orchestration solutions to reduce manual work that can be done programmatically.
-Ensure that security risks are comprehensively and effectively managed though leading the application of established and ad hoc processes and techniques to identify, validate, and prioritize.
-Lead the identification of security requirement deficiencies, eliciting of security requirements, and the architecture and design of security controls.
-Develop and implement strategies to promote consistent use of security controls across the enterprise.
-Lead the operation and monitoring of security controls.
-Establish, implement, and promote security control operation and monitoring strategies.
-Ensure that security controls are operating effectively; resolve operating discrepancies.
-Lead team in defining, reviewing, and promoting information security policies, standards, guidelines, and procedures.
-Lead and champion efforts to enforce and monitor compliance with internal and external regulations, policies, and standards.
-Establish and promote strategies to ensure that compliance is effectively monitored and enforced.
-Direct internal process improvement initiatives. Provide feedback on processes by offering suggestions.
-Mentor junior staff.
-Serve as a trusted advisor to establish credibility with business unit leadership and technical teams.
-Uphold professional accountability to remain educated on incident response skills and abilities
-Provide backup coverage for next level management, as appropriate.
-Assist with adherence to technology policies and comply with all security controls.
-Ensure all work products meets/exceeds FINRA standards.
-Perform other duties as assigned.