Information Security Engineer

　　Job Details

　　Level

　　Experienced

　　Job Location

　　Hybrid - Northlake, TX - Northlake, TX

　　Remote Type

　　Hybrid

　　Position Type

　　Full Time

　　Education Level

　　4 Year Degree

　　Travel Percentage

　　None

　　Job Shift

　　Day

　　Job Category

　　Information Technology

　　At Farmer Brothers, our Information Security Engineer is responsible for recommending and implementing information security architecture, strategies, and processes. This role will coordinate with outside service providers and maintains associated incident response and escalation plans and make recommendations for implementation of new security solutions. In this role you will apply knowledge of security frameworks, maturity assessment, and industry best practices to assure effectiveness and ongoing improvement of company’s overall information security posture. This role will also work in coordination with the Sr. Manager of Information Security, Program/Project Managers, and System Administrators across a broad spectrum of IT disciplines.

　　Responsibilities :

　　Assists with development of company-level information security policies

　　Develops and implements IT-level information security policies, processes, and procedures

　　Assists with the creation and maintenance of the cybersecurity strategic plan and capability roadmap

　　Assists with managing outside service providers for implementation of the Security Operations Center (virtual SOC) and all related processes and procedures

　　Performs ongoing information security maturity assessments and associated plans for improvement

　　In collaboration with Sr. Manager Information Security, develops performance metrics and management reports

　　Leads information security vulnerability detection and mitigation processes

　　Provide technical and thought leadership for the development and integration of new cybersecurity solutions

　　Apply understanding of network threats, attack vectors and methods of exploitation with tactics, techniques and procedures to investigate and analyze threats and risks to determine preventive measures

　　Develop cybersecurity incident response playbooks based upon best practices that ensure comprehensive threat mitigation

　　Post-incident analysis to drive continuous improvement security solutions

　　Provide incident investigation reports and communications to the company’s executive leadership

　　Conduct regular system audits, risk assessments, and compliance audits to identify vulnerabilities and non-compliance issues. Develop and implement strategies to mitigate risks and address gaps.

　　Ensure compliance with applicable security standards, regulations, and laws (e.g., ISO 27001, GDPR, HIPAA). Stay abreast of new legislation and regulations impacting cybersecurity.

　　Prepare and maintain documentation related to security audits, risk assessments, and compliance activities. Present findings and recommendations to management and relevant stakeholders.

　　Lead efforts for security tool optimization

　　Education & Experience

　　Bachelor’s Degree in Computer Science, MIS, Engineering, or a related discipline or four years of experience in lieu of a degree

　　5+ years of progressive experience in Information/Cyber security

　　3+ professional certifications, such as such as CISSP, CISA, CISM, CEH, SANS GSEC, PCI QSA, GCIA, GCIH, GMON

　　Senior level knowledge of IT networks and infrastructure, certifications a plus

　　Incident Response and/or security operations center (SOC) experience required

　　Working experience with at least four of the following: anti-virus, end point security, HIPS, IDS/IPS, DLP, network forensics, host-based forensics, malware analysis, firewalls, secure email gateways, log analysis and management required

　　Previous experience with workflow and ticketing systems for incident, problem and change management required

　　Experience troubleshooting day to day operational processes such as security monitoring, data correlation, security operations required

　　Personal & Professional Skillsets:

　　Knowledge of information security frameworks, standards, best practices and relevant regulations

　　Knowledge of Windows and Active Directory, virtualization and cloud security

　　Understanding of defense in depth and cyber kill chain models

　　Self starter that is resourceful and can work autonomously

　　Works well in fast-paced environments

　　Partners effectively with internal business stakeholders and vendors

　　Business acumen for effective interface across the company

　　Meets deadlines, follows through on commitments and delivers on promises

　　Analytical, critical thinker and solution orientation

　　Able to analyze business impact and exposure, based on emerging security threats, vulnerabilities and risks

　　Effectively communicates security risks and solutions to leadership, business partners and IT staff

　　Thinks broadly around business issues and apply to company strategies

　　Strives for continuous growth and improvement

　　Committed to development of team members

　　Generates original, creative ideas to improve processes

　　Farmer Brothers is an Equal Opportunity Employer and Prohibits Discrimination and Harassment of Any Kind. Farmer Brothers is committed to the principle of equal employment opportunity for all employees and to providing employees with a work environment free of discrimination and harassment. All employment decisions at Farmer Brothers are based on business needs, job requirements and individual qualifications, without regard to race, color, religion or belief, family or parental status, or any other status protected by the laws or regulations in the locations where we operate. Farmer Brothers will not tolerate discrimination or harassment based on any of these characteristics. We encourage applicants of all ages.