- Job Title
- Security Engineer
- Job ID
Our client believes in the importance of a strong security culture and knows that protecting their competitive edge requires a groundbreaking approach and the resources to execute innovative techniques. Under the direction of the Chief Security Officer and with the funding and governance support from the Executive Committee, this team is pioneering a transformational, industry-leading three-pronged strategy, which includes:
- A fully integrated cyber, physical and staff security operation
- A complete overhaul of our technical and security environment, which will include migration to the cloud and major investments in next generation analytics
- An innovative dynamic defense operating model that is proactive, predictive, automated and intelligent
We are looking to hire a talented, entrepreneurial security engineer to bring this vision to life. Individuals who join the department’s transformative efforts will be on the forefront of the next generation of security and technology with vast opportunities for future growth.
The Security Engineer will be instrumental in safeguarding the mission-critical intellectual property for this world-renowned firm. The ideal candidate will be a proficient technologist with expertise in secure design, development and configuration of a broad range of infrastructure, application and cloud technologies. You will have the opportunity to collaborate with world-class technology delivery teams to capture and refine business and technical requirements as well as serve as an instrumental member of the development team implementing security controls, secure design and secure coding best practices. This role is closely aligned with the business and will take a hands on approach to assessing, architecting, and validating corporate initiatives and implementing risk mitigation controls. The Security Engineer is a strong technologist and a key consultant on security, working extensively with world class security individuals across the organization that push the fold of security and technology.
- Build relationships with application, infrastructure and cloud technology teams to deeply understand new technology initiatives
- Ensure new technology projects are built securely by providing security subject matter expertise to technology engineering teams
- Specifically ensuring the secure architecture, design, development, coding and configuration of new technology projects
- Engineer security into continuous integration and continuous deployment systems
- Perform granular infrastructure, infrastructure as code, application and cloud security reviews
- Identify technology project risks through risk assessments identifying threats, vulnerabilities, impact and likelihood
- Communicate to senior management the residual risk from mitigation strategies or risk acceptance
- Maintaining a high security bar through architecture and implementation of security controls at both enterprise and project levels
- Build strong cross-organizational relationships and effectively influence the security of the organization
Our ideal candidate will have a degree and 5 or more years of experience in secure design, security engineering and SDLC (Secure Development Life Cycle). In addition, you must be an excellent communicator and problem solver with the ability to convincingly articulate vision and strategy for complex and innovative technical undertakings.
- Proficient and passionate technologyist with subject matter expertise in information security
- Ability to engineer secure systems across a diverse range of infrastructure, application and cloud technologies.
- Identifying threat and attach vectors, communicating the need for security features and controls while balancing both business and security value
- Product Red Team / Penetration Testing
- Product Security Forensic analysis
- Threat Intelligence and research
- Tool Development (SIEM, Dashboards, Web Portals, Security Feeds, etc.)
- Alignment to Industry incident reporting standards and methods (CERT, STIX, TAXII, etc.)
- Ability to analytically digest any issue/problem encountered and recommend an appropriate solution
- Ability to convincingly articulate vision and strategy for complex and innovative technical undertakings
- Ability to deal with ambiguity and make expert judgments in situations where no precedent exists
- Experience operating with modern software engineering methodologies such as Agile, Scrum, DevOps and DevSecOps
• Qualifications Preferred: CISSP, CCSK/CCSP, CISSP-ISSEP/ISSAP, CSSLP, SABSA SCF/SCP/SCMDenver, Colorado Skyline
Client headquarters are in beautiful Denver, CO. While we would love to find someone local to the area, we know we may need to relocate the right talent or consider a remote work option.
Blackmere Consulting is an equal opportunity employer (EOE/AA/M/F/Vets/Disabled/Protected Statuses)