Security Engineer
Corsearch has more than 1500 team members serving over 5,000 clients on five continents, and we’re growing and changing rapidly. We are a fantastic company to work for — with great benefits, growth opportunities, and a terrific internal culture — and we truly believe that its people who make us thrive. Every day, we are transforming ourselves into a better partner for our customers, a better employer for our colleagues, and a better investment for our owners.
About You
- Strong desire to always learn new technologies, techniques, and tools. You are excited about being an expert in this challenging field.
- Have an interest in embedding security into the fabric of an organization and infrastructure.
- A strategic thinker who can translate vision into tactical execution with good decision making and project management skills.
- Innate ability to effectively prioritize work in a highly dynamic work environment.
- Has a proven record of driving change and moving people off their comfort zone
- A proactive nature to make data-driven decisions and participate in complex initiatives from conception to deployment.
- You have natural ability to proactively reach out and facilitating communications between various teams to get the job done. Our responsibilities are cross-functional and cross-departmental.
The Responsibilities
- Ensure that our applications, software and infrastructure is designed and implemented to the highest security standards.
- Perform security assessments, design reviews, security audits, risk analysis, vulnerability testing and security code-reviews on a wide variety of Corsearch environments.
- Work with key stakeholders across the company to define, design and implement effective security controls and remediate vulnerabilities to improve our security posture and reduce risk to acceptable levels
- Conduct assessments of threats and vulnerabilities and determine deviations from acceptable security baselines
- Manage security technology processes and solutions, sometimes through 3rd parties, including endpoint protection, vulnerability management, and SIEM
- Review security events for context, appropriateness, and criticality and be an incident responder as needed
- Create security operations playbooks to ensure a consistent approach and response to current & emerging threats
- Conduct network monitoring and intrusion detection analysis using various Computer Network Defense (CND) tools, such as Intrusion Detection/Prevention Systems (IDS/IPS), Firewalls, Host Based Security System (HBSS), etc.
- You will also work closely with other Corsearch security engineers, compliance analysts, DevOps, IT, and architects to enhance our application security posture.
- Perform security assessments, gather evidence for security audits, review third party security documentation
- Develop technical solutions to help mitigate application security vulnerabilities
- Conduct research to identify new attack vectors against Corsearch products and services.
Your Experience:
- Extensive experience in Information Security or a related field
- 7+ years of security development experience
- Expertise in TCP/IP. Understanding of common network vulnerabilities, OS vulnerabilities (Windows and macOS), patching and attack patterns
- Strong organization, time management and project management skills
- Experience in public cloud environments
- An understanding of system hardening, containerization, and cloud security controls
- Familiarity with ISO27001, SOC, GDPR, & CCPA
- Excellent interpersonal skills & communication skills; you should be an ambitious teammate with strong analytical, problem solving, debugging and troubleshooting skills
- Familiarity with Enterprise Vulnerability Management tools
- 2+ years of experience with M365 Defender & M365 Cloud Application Security
- 2+ years of experience with Azure SSO
- 2+ years of experience with IDS/IPS solutions such as Fortinet
- 3+ years of experience with public cloud services including AWS, GCP and Azure
- Previous mergers & acquisition experience is a PLUS