Principal Engineer, Information Security

Overview

The Senior Information Security Engineer will be responsible for implementation and administration of information security policies, practices, procedures, and technologies in order to ensure securely architected systems, applications and databases in a hybrid cloud SaaS environment.

 

This role, in conjunction with the rest of the CalAmp Information Security Team, will be responsible for security operations such as implementing, monitoring, analyzing, improving and troubleshooting security systems ,as well as incident response and forensics, evaluation of security controls, development and monitoring of policies and standards, analyzing results, providing recommendations for enhancement/improvement, prioritizing and eradicating active vulnerabilities and performing system risk assessments.

 

As an information security expert within the organization, this role will help to ensure compliance with all security policies, standards, best practices as well as industry regulations and laws such Sarbanes Oxley (SOX) and EU GDPR.

 

This role uses the various security tooling to monitor, investigate and respond to security events and incidents. Using various Threat Intelligence sources, as well as security tools, this role will effectively prioritize and eradicate any active threats and vulnerabilities. The Senior Information Security Engineer is a subject matter expert in incident management, incident response and forensics and will coordinate with other teams to enable escalation and remediation, as needed.

Responsibilities

Knowledge, Skills and Abilities:

   Required:      

• Strong knowledge of multiple security tools for both Cloud and On-Prem scenarios.
• Good knowledge of AWS (Amazon Web Services), GCP (Google Cloud Platform), Azure, or other cloud platforms and related technologies is strongly desired.
• Strong knowledge of SIEM, such as Splunk, and related tooling and automation.
• Experience with Content Delivery Networks (CDN), Web Application Firewall (WAF), Bot Management and Distributed Denial of Service (DDoS) tooling strongly desired.
• Provide support for strategic business process/reengineering consulting as appropriate and work on multiple technically complex high-profile projects. 
• Demonstrate an understanding of key IT operational policies, processes and methodologies applicable to governance, risk management and compliance. 
• Demonstrable experience with integration in Splunk or other SIEMs for various security tools.
• General understanding of security fundamentals (cryptography, least privilege, segregation of duties, ...) and general security technologies, including operating systems, network security (firewalls, VPNs, EDR, Web Content Filtering, etc.), security incident and event management, business continuity, physical security, identity management, directory services, etc. 
• Knowledge of Active Directory, DDNS, Group Policy (GPO), Microsoft Windows Server and Desktop operating systems, Linux, MacOS...
• Maintain knowledge of new and emerging tools, tactics and techniques that may post threats and risks to the organization. Advise and implement threat mitigations.
• Research, recommend, and implement changes to enhance systems security and develop appropriate security controls to address vulnerabilities found during assessments.
• Strong work ethic, including consistent documentation and tracking of activities.
• Possess an understanding of SOC2 Type2, Sarbanes Oxley (SOX), PCI Compliance and EU GDPR Requirements. Participate in audit response management and provide ongoing guidance on solutions to achieve and maintain security compliance.
• Ability to work in fast paced, rapidly changing environment and a strong desire to learn
• You are a self starter, and require only minimal guidance to get results.
• This position may require on-call activities at off-hours
• High degree of accuracy and attention to detail
• Excellent organization skills and ability to multi-task

Equipment Knowledge:

• Experience with cloud, systems, email and network security
• Experience with containers (Docker, Kubernetes, ...) strongly desired
• Experience with various tooling in the Information Security space
• Experience working with, and setting up alerts and queries in Splunk or other SIEM tools
• Experience with OpenText Encase Forensics, or similar forensics tooling, desired
• Knowledge of IT/Information Security Audit and assessment. 
• Knowledge researching, analyzing and recommending information security solutions
• A working knowledge of information security practices and concepts including intrusion detection/ prevention, EDR, NetFlow analysis, access controls, risk analysis, vulnerability scanning, application whitelisting and data encryption.
• Experience with Microsoft Office Suite (e.g., Word, Excel, PowerPoint, etc.) and Microsoft O365
•  

Qualifications

Experience Requirements:

• 5-7 years experience in information systems as a security engineer, cloud administrator or network administrator with at least one of those with direct incident response / incident management duties
• Strong organizational, excellent written, verbal and interpersonal communication skills are needed to work effectively with a wide variety of staff, outside consultants and vendors.

 

Education Requirements:

• Bachelor's Degree in Information Technology, Information Security, Computer Science, or related field desired, though not required.
• Advanced industry certification strongly desired, e.g. SANS GIAC, CompTIA Security+, CISSP, CISM, GIAC Certified Incident Handler (GCIH),...

 

Judgment/Reasoning Ability:  Able to identify, troubleshoot and resolve problems quickly using sound judgment, poise and diplomacy.  Ability to use judgment and reasoning skills, and determine when to escalate issues, as required, in a timely manner.

 

Physical Demands:  The physical demands described here are representative of those that must be met by a Team Member to successfully perform the essential functions of this job.  While performing the duties of this job, the Team Member is regularly required to talk and hear. The Team Member is frequently required to sit, walk, climb stairs, use hands and fingers, bend, stoop and reach with hands and arms.  Reaching above shoulder heights, below the waist or lifting as required to file documents or store materials throughout the work day.  The Team Member may occasionally lift or move office products and supplies up to 25 pounds.  Proper lifting techniques required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

 

Work Environment:  The noise in the work environment is usually moderate.  Other factors are:

 

• Hectic, fast-paced with multi-level distractions
• Professional, yet casual work environment
• Office / Warehouse environment
• Ability to work extended hours as required

 

#LI-JN2

Market MinimumUSD $120,355.00/Yr.Market MaximumUSD $177,666.00/Yr.Employment Type: FULL_TIME