Sr. Security Engineer

Company: Elevate Credit
Location: Fort Worth
Posted on: March 28, 2020

Job Description:

The Senior Information Security Engineer plays a critical role at Elevate. This role will provide security leadership in the implementation, maintenance, monitoring, and troubleshooting of the incident handling, incident response, threat hunting, and related processes at Elevate. The Senior Information Security Engineer also serves as a consultant to internal and external customers in establishing security for Elevate and its products. The Senior Information Security Engineer provides technical direction and support to less experienced members of the team and to other teams (inside and outside of the department) who require security expertise especially with regard to incidents, detections, and threat mitigation.

Essential Functions:

• 
  
• Serve as information security subject matter expert and actively assist Elevate teams in the development of secure business solutions for medium to highly complex problems.
• Monitor, analyze, and interpret security/system logs for events and incidents reflective of unauthorized access, potential malicious behavior, or operational irregularities.
• Work on multiple projects as the team member who leads the security design of the project.
• Support or lead information security incident response as required.
• Monitor security advisories and ensure security updates, patches, and preventive measures are in place throughout the relevant Elevate security control environments.
• Engage and direct hunting of security threats in the environment
• Analyze audit findings and make recommendations to lower security risks to acceptable levels
• Analyze incoming threats and make recommendations for tuning security controls to address gaps in visibility, gaps in detection, or gaps in mitigation
• Consult, advise, and approve secure network design.
• Ensure that security changes comply with company change management policies and procedures.
• Author security policies, procedures, standards, and guidelines for computing infrastructure.
• Establish, maintain, and monitor mechanisms to ensure protection against malware on company computing systems.
• Automate security processes and tasks to achieve efficiencies and/or improved accuracy.
• Perform additional duties as assigned.
  
  Education and Experience
  
  • 
    
  • Bachelor's degree in Computer Science or similar field of study, or have equivalent industry experience
  • 10+ years of technical IT experience, 5 of which working as an information security engineer or similar, including IP based applications (DNS, SMTP, SSL, etc.)
  • Strong background working with security technologies: firewalls, intrusion detection, AV, IDS, vulnerability scanning and remediation, security log and event management, network traffic analysis, privilege management, etc.
  • Working knowledge of Splunk or similar system highly preferred.
  • Knowledge of regulatory compliance standards used in financial industry (e.g., PCI, GLBA, SOX, SAS70)
  • Strong understanding of LAN, WAN, and wireless communications and protocol, including network packet analysis and routing protocols
  • Strong knowledge of UNIX and Windows operating systems as well as supporting technology (Active Directory)
  • Prefer CISSP, GIAC, or CISM certification
  • Must be able to juggle priorities and operate with little ongoing supervision
  • Must have excellent teamwork and communication skills
  • Scripting knowledge for automation of tasks (such as Python, PowerShell, Go, Ruby, etc.)
    
    Core Traits
    
    • 
      
    • Demonstrates refined written and verbal communication skills, fosters open communications, listens effectively, and builds strong partnership networks that result in consistent forward momentum; has excellent negotiation skills with an ability to orchestrate change through influence
    • Highly experienced at solving complex challenges in a directed, methodical, cost-effective, and data-driven manner and has the ability to analyze the current issue to envision creative solutions
    • Takes initiative to complete critical tasks, especially in team settings with dependencies on other people
    • Works effectively in the face of stress, ambiguity, difficult situations, and shifting priorities all while championing the long-term architectural view
    • Steps outside of"comfort zone" to tackle new issues/challenges in an aggressive manner, demonstrates the ability to leverage self-directed learning opportunities, and is comfortable dealing with ambiguity in a fast-paced, cutting-edge, and entrepreneurial environment.
    • Challenges the status quo to generate new ideas; is open to challenges and implements unique solutions to solve them; focuses on the best outcome for the company, rather than on ego
    • Collaborates and openly seeks and shares information across teams and departments
    • Has established experience in his or her technical field and continually augments experience and skills with the latest research results and techniques
    • Demonstrates a bold commitment to the total alignment of actions, words, and professional beliefs
      

Keywords: Elevate Credit, Fort Worth , Sr. Security Engineer, Engineering , Fort Worth, Texas