Information Security Engineer
Job Details
Level
Experienced
Job Location
Hybrid - Northlake, TX - Northlake, TX
Remote Type
Hybrid
Position Type
Full Time
Education Level
4 Year Degree
Travel Percentage
None
Job Shift
Day
Job Category
Information Technology
At Farmer Brothers, our Information Security Engineer is responsible for recommending and implementing information security architecture, strategies, and processes. This role will coordinate with outside service providers and maintains associated incident response and escalation plans and make recommendations for implementation of new security solutions. In this role you will apply knowledge of security frameworks, maturity assessment, and industry best practices to assure effectiveness and ongoing improvement of company’s overall information security posture. This role will also work in coordination with the Sr. Manager of Information Security, Program/Project Managers, and System Administrators across a broad spectrum of IT disciplines.
Responsibilities :
Assists with development of company-level information security policies
Develops and implements IT-level information security policies, processes, and procedures
Assists with the creation and maintenance of the cybersecurity strategic plan and capability roadmap
Assists with managing outside service providers for implementation of the Security Operations Center (virtual SOC) and all related processes and procedures
Performs ongoing information security maturity assessments and associated plans for improvement
In collaboration with Sr. Manager Information Security, develops performance metrics and management reports
Leads information security vulnerability detection and mitigation processes
Provide technical and thought leadership for the development and integration of new cybersecurity solutions
Apply understanding of network threats, attack vectors and methods of exploitation with tactics, techniques and procedures to investigate and analyze threats and risks to determine preventive measures
Develop cybersecurity incident response playbooks based upon best practices that ensure comprehensive threat mitigation
Post-incident analysis to drive continuous improvement security solutions
Provide incident investigation reports and communications to the company’s executive leadership
Conduct regular system audits, risk assessments, and compliance audits to identify vulnerabilities and non-compliance issues. Develop and implement strategies to mitigate risks and address gaps.
Ensure compliance with applicable security standards, regulations, and laws (e.g., ISO 27001, GDPR, HIPAA). Stay abreast of new legislation and regulations impacting cybersecurity.
Prepare and maintain documentation related to security audits, risk assessments, and compliance activities. Present findings and recommendations to management and relevant stakeholders.
Lead efforts for security tool optimization
Education & Experience
Bachelor’s Degree in Computer Science, MIS, Engineering, or a related discipline or four years of experience in lieu of a degree
5+ years of progressive experience in Information/Cyber security
3+ professional certifications, such as such as CISSP, CISA, CISM, CEH, SANS GSEC, PCI QSA, GCIA, GCIH, GMON
Senior level knowledge of IT networks and infrastructure, certifications a plus
Incident Response and/or security operations center (SOC) experience required
Working experience with at least four of the following: anti-virus, end point security, HIPS, IDS/IPS, DLP, network forensics, host-based forensics, malware analysis, firewalls, secure email gateways, log analysis and management required
Previous experience with workflow and ticketing systems for incident, problem and change management required
Experience troubleshooting day to day operational processes such as security monitoring, data correlation, security operations required
Personal & Professional Skillsets:
Knowledge of information security frameworks, standards, best practices and relevant regulations
Knowledge of Windows and Active Directory, virtualization and cloud security
Understanding of defense in depth and cyber kill chain models
Self starter that is resourceful and can work autonomously
Works well in fast-paced environments
Partners effectively with internal business stakeholders and vendors
Business acumen for effective interface across the company
Meets deadlines, follows through on commitments and delivers on promises
Analytical, critical thinker and solution orientation
Able to analyze business impact and exposure, based on emerging security threats, vulnerabilities and risks
Effectively communicates security risks and solutions to leadership, business partners and IT staff
Thinks broadly around business issues and apply to company strategies
Strives for continuous growth and improvement
Committed to development of team members
Generates original, creative ideas to improve processes
Farmer Brothers is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind. Farmer Brothers is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Farmer Brothers are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Farmer Brothers will not tolerate discrimination or harassment based on any of these characteristics. We encourage applicants of all ages.