Security Engineer

Join us for an exciting career with the leading provider of supplemental benefits!

Our Promise
Through skill-building, leadership development and philanthropic opportunities, we provide opportunities to build communities and grow your career, surrounded by diverse colleagues with high ethical standards.

Job Summary:

The Security Engineer is responsible for developing, deploying, monitoring, tuning, evaluating, reporting and maintaining systems and procedures to identify and mitigate threats to the corporate network, corporate assets and corporate users. This team will identify core requirements, design and implement security technologies and work with stakeholders and partners to perform ongoing tuning and alerts on those technologies.

Competencies:

Functional:

• Gather, analyze, and prioritize complex system requirements.
• Create detailed specifications, diagrams, and documentation for system design.
• Perform system testing, including creating test cases and analyzing results.
• Identify and implement system enhancements to improve performance and efficiency.
• Support change management efforts during system upgrades or implementations.
• Provide end-user training and support as needed.

Core:

• Execute creating security solutions, design, development, and technical troubleshooting with the ability to think beyond routine or conventional approaches to build solutions and break down technical problems.
• Identifies opportunities to eliminate or automate remediation of recurring issues to improve overall operational stability of software applications and systems.
• Lead communities of practice across development teams to drive security awareness and use of new and leading-edge technologies.
• Must have working experience of Threat Protection e.g., Advanced Threat Analytics, Microsoft Defender for Identity, XDR, Microsoft Defender for Office 365, Threat Intelligence, SIEM/SOAR (Microsoft Sentinel), AWS Security Hub, Amazon Macie, Amazon Guard Duty etc.
• Proficiency in systems analysis methodologies and tools.
• Solid understanding of IT infrastructure (i.e. Windows OS and Linux OS) and application lifecycles.
• Strong problem-solving and analytical skills for system optimization.
• Ability to communicate technical concepts effectively to diverse stakeholders.

Behavorial:

• Collegiality: building strong relationships on company-wide, approachable, and helpful, ability to mentor and support team growth.
• Initiative: readiness to lead or take action to achieve goals.
• Communicative: ability to relay issues, concepts, and ideas to others easily orally and in writing.
• Member-focused: going above and beyond to make our members feel seen, valued, and appreciated.
• Detail-oriented and thorough: managing and completing details of assignments without too much oversight.
• Flexible and responsive: managing new demands, changes, and situations.
• Critical Thinking: effectively troubleshoot complex issues, problem solve and multi-task.
• Integrity & responsibility: acting with a clear sense of ownership for actions, decisions and keeping information confidential when required.
• Collaborative: ability to represent your own interests while being fair to those representing other or competing ideas in search of a workable solution for all parties.

Minimum Qualifications:

• Bachelor’s degree in computer science, Information Systems, or related field. High School Degree or equivalent required.
• Minimum 1+ years of experience in security system administration.
• Minimum 1+ years of experience on detailed technical knowledge of SIEM, EPP, EDR, identity, and vulnerability management platforms.
• Minimum 1+ years of experience in securing cloud platforms, securing networks and infrastructure, and designing cloud agnostic security solutions.
• Minimum of 1+ years of experience with system integration techniques and APIs such as REST API.
• Minimum of 1+ years of experience with system testing (i.e., Windows OS and Linux OS) and troubleshooting practices.
• Have experience with container and orchestration security, and authentication/authorization.
• Experience with security tooling such as SAST and DAST.
• Must have experience as it relates to Microsoft 365 products and capabilities, specifically Purview, Data Loss Prevention, Endpoint Management, Endpoint Protection, Group Policy, Advanced Threat Protection, M365 Discovery Center and Exchange Online Protection is a plus.
• Working experience in threat landscape, MITRE ATT&CK framework and being able to translate those to actionable detections, tuning out false positives.
• Knowledge of common software security vulnerabilities (memory corruption, privilege escalation, web application exploitation, protocol-based weaknesses, etc.) and experience with various methods to successfully exploit them.
• Experience in penetration testing, developing proof-of-concept exploits and knowledge of remediation techniques.
• Must have working experience with vulnerability detection tools such as static and dynamic analyzers, AWS Inspector, Defender for Cloud, etc.
• Must have working experience with Amazon technologies (S3, EC2, Lambda, etc.)
• Must have working experience with scripting (any one of them bash, Perl, Python, PowerShell etc.)
• Proficiency with at least one major programming language (any one of them Java, JavaScript, C#, etc.)

Preferred Qualifications:

• Certification in system analysis or related fields (e.g., CISSP).
• Experience with enterprise systems such as claims adjudication or CRM.
• Knowledge of Agile and DevOps methodologies.

FLSA Status: Salary/Exempt

National Salary Range: $61,360 - $96,040

How To Stay Safe:

Avesis is aware of fraudulent activity by individuals falsely representing themselves as Avesis recruiters. In some instances, these individuals may even contact applicants with a job offer letter, ask applicants to make purchases (i.e., a laptop or gift cards) from a designated vendor, have applicants fill out W-2 forms, or ask that applicants ship or send packages of goods to the company.

Avesis would never make such requests to applicants at any time throughout our job application process. We also would never ask applicants for personal information, such as passport numbers, bank account numbers, or social security numbers, during our process. Our recruitment process takes place by phone and via trusted business communication platform (i.e., Zoom, Webex, Microsoft Teams, etc.). Any emails from Avesis recruiters will come from a verified email address ending in @Avesis.com.

We urge all applicants to exercise caution. If something feels off about your interactions, we encourage you to suspend or cease communications. If you are unsure of the legitimacy of a communication you have received, please reach out to [email protected].

To learn more about protecting yourself from fraudulent activity, please refer to this article link (https://consumer.ftc.gov/articles/how-avoid-scam). If you believe you were a victim of fraudulent activity, please contact your local authorities or file a complaint (Link: https://reportfraud.ftc.gov/#/) with the Federal Trade Commission. Avesis is not responsible for any claims, losses, damages, or expenses resulting from unaffiliated individuals of the company or their fraudulent activity.

We Offer

• Meaningful and challenging work opportunities to accelerate innovation in a secure and compliant way.
• Competitive compensation package.
• Excellent medical, dental, supplemental health, life and vision coverage for you and your dependents with no wait period.
• Life and disability insurance.
• A great 401(k) with company match.
• Tuition assistance, paid parental leave and backup family care.
• Dynamic, modern work environments that promote collaboration and creativity to develop and empower talent.
• Flexible time off, dress code, and work location policies to balance your work and life in the ways that suit you best.
• Employee Resource Groups that advocate for inclusion and diversity in all that we do.
• Social responsibility in all aspects of our work. We volunteer within our local communities, create educational alliances with colleges, drive a variety of initiatives in sustainability.

Equal Employment Opportunity

At Avēsis, We See You. We celebrate differences and are building a culture of inclusivity and diversity. We are proud to be an Equal Employment Opportunity employer that considers all qualified applicants and does not discriminate against any person based on ancestry, age, citizenship, color, creed, disability, familial status, gender, gender expression, gender identity, marital status, military or veteran status, national origin, race, religion, sexual orientation, or any other characteristic. At Avēsis, we believe that, to operate at the peak of excellence, our workforce needs to represent a rich mixture of diverse people, all focused on providing a world-class experience for our clients. We focus on recruiting, training and retaining those individuals that share similar goals. Come Dare to be Different at Avēsis, where We See You!