SUMMARY

The Information Security Engineer will report to the Information Security Manager and work in close collaboration with the Information Technology Applications, Architecture, and Infrastructure departments. This role will be assisting with the analysis, design, implementation, and support of Armada's information security landscape. The Information Security Engineer will collaborate with third parties and internal stakeholders to develop scalable systems for the detection and remediation of security anomalies across the entire digital environment. He/she is responsible for ensuring compliance with security policies, standards, and procedures.

RESPONSIBILITIES

• Responsible for following up on SOC audit evidence.
• Works directly with auditors and other Armada employees to maintain compliance.
• Monitor cyber security policies and procedures to ensure compliance and assess effectiveness of existing controls. Coordinate providing evidence to third party auditors and cyber security firms as required.
• Work with infrastructure, applications, and architecture teams to implement threat detection signals, deploy new or upgrade tooling (SIEM, MDR, etc.), and improve response capabilities
• Administer security applications such as those associated with vulnerability scans, detection alerts, and malicious activities.
• Assist with phishing testing campaigns and metric reporting.
• Work with the application teams to validate security status of application implementations.
• Develop and manage action plans to identify and remediate vulnerabilities and cyber security incidents.
• Contribute to cyber security communications program promoting best practices, helpful hints, and general good security hygiene.
• Provide expertise on methodologies to validate technical design and implementation of applications and infrastructure
• Research security trends, threats, technologies, and best practices, evaluating and providing recommendations on innovative information security related hardware, software and tools, including developing business cases for security investments or solutions.
• Assist with designing and developing secure cloud usage strategies.
• Maintains current knowledge of relevant security, privacy, and cloud technology trends.
• Perform additional duties as assigned.

KNOWLEDGE, SKILLS AND ABILITIES:

• Strong knowledge of security technologies, including: firewalls, IDS/IPS, VPNs, encryption principles, log/event management systems, web filtering, etc.
• Knowledge of the principles and practices of a network systems design and implementation, including hardware, software, communications standards, and documentation
• Knowledge of security technologies, tactics, products, and industry best practices
• Effective organizational skills, and the ability to function in a fast-paced environment
• Project management capabilities

Requirements:

• Bachelor's degree in computer science or related field from an accredited four-year college or university

• Three (3) years relevant work experience

• Professional cybersecurity certification(s) such as CompTIA Security+, CISSP, or other applicable certification strongly desired
• Working knowledge of security frameworks, such as ISO/IEC 27001, NIST, or OWASP
• Familiarity with one or more national and/or international regulations such as ISO, SOC, or SOX
• Extensive knowledge in Microsoft Office 365 software
• Three (3) years of hands-on experience with Microsoft Office 365 security features and functionality, including
• Data Loss Prevention (DLP), Intune, Enterprise Mobility plus Security (EM+S)
• Azure security solutions and architecture, Advanced Threat Protection (ATP), Azure Information Protection (AIP), Microsoft Cloud App Security (MCAS and CASB) strongly desired
• Knowledge of Authorization & Authentication in Microsoft hybrid environment and experience with Azure AD including Single Sign On (SSO) and Multi Factor Authentication (MFA)

Physical demands and work environment

The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions.

• Work is usually performed in an office environment with normal noise levels. Involves prolonged sitting and computer usage.
• Work may involve limited travel.

Disclaimer

This job description is not intended, and should not be construed to be, an exhaustive list of all responsibilities, skills, efforts or working conditions associated with the job. It is intended, however, to be an accurate reflection of those principal job elements essential for making decisions related to job performance, employee development and compensation. As such, the incumbent may perform other duties and responsibilities as required. Its contents imply no contractual obligation and may be changed by the company at any time.