Security Engineer

EXECUTIVE SUMMARY OF RESPONSIBILITIES

As a Security Engineer (SE), your primary duty is to protect Lendistry against cyberattacks and effectively manage security incidents. You will also develop and implement strategies to help protect the assets of Lendistry.  

ABOUT LENDISTRY

Lendistry is the country’s largest minority-led and technology-enabled small business and commercial real estate lender with Community Development Financial Institution (CDFI) and Community Development Entity (CDE) certification. We are a national employer whose mission is to provide economic opportunities and progressive growth for small business owners and their underserved communities as a source of financing and financial education. 

GENERAL RESPONSIBILITIES

• Investigate potential incidents.
• Triage and prioritize detected threats.
• Co-ordinate an incident response and reporting
• Manage Incident Response program. 
• Maintenance, monitoring and analysis of audit logs. 
• Implement SIEM controls.
• Handle incidence from AWS, Laptops, Wireless.
• Responsible for 24/7 information security incident management
• Collaborating with the security architecture team to report appropriate operational issues that may be resolved at an architecture level.
• Manage intrusion detection and intrusion prevention systems.
• Perform threat hunting.
• Manage data recovery. 
• Conduct forensics investigations.
• Support various compliance initiatives like SOC1, SOC2, PCI and partner with various stakeholders in the enterprise.
  

PROFICIENCIES

• Knowledge and hands-on experience in Security Information Event Management (SIEM) tools, creation of basic co-relation rules and administration of SIEM.
• Should have experience in TCP/IP network traffic and event log analysis.
• Knowledge and hands-on experience in any one of SIEM tool like Splunk, LogRhythm, SumoLogic, AlertLogic, Exabeam.
• Proficient in public cloud security technology, and already have experience in architecture of AWS security solutions.
• Proficient in IDS/IPS and monitoring of critical infrastructure
• Knowledge of industry security standards such as ISO 27000 series, NIST CSF, and CSA.
• Ability to plan, organize and coordinate multiple projects.
  

EDUCATION AND EXPERIENCE

• Bachelor’s or advanced degree in Computer Science, engineering, information systems and/or 3+ years of experience with security operations and/or engineering.
• Ideally holds at least one of security certifications such as CISSP, GCIH, AWS Security, CCSK, or equivalent. 
• Experience handling incidence for at least one of the major Cloud Providers: Amazon Web Services (AWS), Azure and GCP.
• Understanding of security and compliance domains for areas such PCI and Privacy Regulations and ensuring appropriate security controls to enhance.
• Experience in a Security Operation Center is preferred.
• Basic understanding of security controls for Windows servers/workstations and Mac
• The ability to perform well in a team environment.
• Experience with risk management, vulnerability management, threat analysis, security auditing, security monitoring, incident response and other information security practices preferred.

Salary Range
• $139,800 - $174,500/annually, depending on experience and location.