Security Incident Response SME

Kaseya® is the leading provider of complete IT infrastructure and security management solutions for Managed Service Providers (MSPs) and internal IT organizations worldwide powered by AI. Kaseya’s best-in-breed technologies allow organizations to efficiently manage and secure IT to drive sustained business success. Kaseya has achieved sustained, strong double-digit growth over the past several years and is backed by Insight Venture Partners www.insightpartners.com), a leading global private equity firm investing in high-growth technology and software companies that drive transformative change in the industries they serve.

Founded in 2000, Kaseya currently serves customers in over 20 countries across a wide variety of industries and manages over 15 million endpoints worldwide. To learn more about our company and our award-winning solutions, go to www.Kaseya.com and for more information on Kaseya’s culture, please click here: Kaseya Culture.

Kaseya is not your typical company. We are not afraid to tell you exactly who we are and our expectations. We have achieved record levels of success being BOLD, being GRITTY, being ACCOUNTABLE. The thousands of people that succeed at Kaseya are prepared to go above and beyond for the betterment of our customers, and the betterment of their careers and long-term financial wealth. 

Onsite in Brickell, Miami, Fl.

Seasoned Sr. IT Security Engineer orchestrating comprehensive security strategies, implementing robust measures, performing audits, and leading initiatives to fortify systems and mitigate risks against evolving cyber threats.

Responsibilities
• Analyze and report organizational and system security posture and design architecture and frameworks.
• Assess adequate access controls based on principles of least privilege and need-to-know and the effectiveness of security controls.
• Assess all the configuration management (change configuration/release management) processes.
• Ensure all systems’ security operations and maintenance activities are properly documented and updated as necessary.
• Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
• Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation.
• Mitigate or correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative.
• Perform security reviews, identify gaps in security architecture, implement security measures to resolve vulnerabilities, mitigate risks, help develop a security risk management plan, and recommend security changes to systems as needed.
• Properly document all systems security implementation, operations, and maintenance activities and update as necessary.
• Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
• Verify and update security documentation reflecting the application/system security design features.
• Verify minimum security requirements are in place for all applications.

Skills
• Knowledge of business continuity and disaster recovery continuity of operations plans.
• Ability to serve as the primary liaison between the CISO organization, IT, and system owners.
• Knowledge of the application firewall concepts and functions (e.g., single point of authentication/audit/policy enforcement, message scanning for malicious content, data loss prevention, SSL security, REST/JSON processing).
• Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
• Skill in assessing security controls based on cybersecurity principles and knowledge of how to use network analysis tools to identify vulnerabilities.
• Knowledge of the enterprise information technology architectural concepts and patterns (e.g., baselines, validated design, and target architectures.)
• Knowledge and working experience in managing Azure, O365, Active Directory, domain resolution, etc.
• Experience in Windows server solutions; including OS installation, domain configuration, and AD architecture (GPO, AD schema, certificate-based authentication, PKI, etc.).
• Knowledge of information technology security principles and methods (e.g., firewalls, demilitarized zones, encryption, OSI model, etc.) and networking (e.g., TPC, IP, VPN, DHCP, etc.).

Communications/Leadership
• Excellent communication – oral, written, and interpersonal skills.
• Strong analytical and problem-solving skills.
• Ability to develop effective and cooperative working relationships across multiple areas.

Education/Technology
• Bachelor's degree in Computer Science, Management Information Systems, or a related field.
• Advanced degree desirable.
• CISSP, GIAC, CompTIA Security+ or other security certifications desired.

Join the Kaseya growth rocket ship and see how we are #ChangingLives !

Additional information
Kaseya provides equal employment opportunity to all employees and applicants without regard to race, religion, age, ancestry, gender, sex, sexual orientation, national origin, citizenship status, physical or mental disability, veteran status, marital status, or any other characteristic protected by applicable law.