Senior Information Security Engineer

Introduction

Are you searching for an opportunity to play a key role in driving the dramatic growth of a highly successful software company?

At Poppulo, we’re working on what’s next in communications and workplace technology. As a pioneer in this industry, we understand that meaningfully reaching every employee is hard. And so is managing office space in a hybrid world. And so is improving the customer and guest experience. We exist to make each of these things easier. We exist to bring harmony to our customers.

And we do that at enterprise scale. Our omnichannel employee communications, customer communications, and workplace experience platform is trusted by over 6,000 organizations today, reaching more than 35M employees and delivering content to 500,000+ digital signs.

We know there’s no such thing as a “perfect" candidate - we’re all a work in progress and are growing new skills and capabilities all the time. We encourage you to apply for a position with Poppulo even if you don’t meet 100% of the requirements. We believe in fostering an environment where there is a diversity of perspectives, in hopes that we can all thrive.

Opportunity

Poppulo is seeking a Senior Information Security Engineer to join our security team. The role of the Senior Information Security Engineer implements preventive, detective, and response controls to protect Poppulo assets. They will utilize established and create new processes and capabilities to focus on incident response, application security, threat identification, analyses, and remediation.

The Senior Information Security Engineer will support the development and maintenance of business continuity planning, data, systems, and network security for systems and controls related to their job duties.

Responsibilities:

• Develops and implements security controls, defenses, and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, and web-based systems.
• Perform application security reviews, consulting, and testing in coordination with developer operations.
• Reviews security violation reports or logs, investigates security exceptions and coordinates with internal teams or external agencies as needed.
• Planning, implementing, and managing security measures/technologies to protect the organization's information systems and networks.
• Monitoring security systems to identify alerts and leading response efforts for potential security events.
• Perform the analysis of malware, attack trends, and intel for patterns and develop automated solutions for analysis, classification, and categorization of data for further automation.
• Work with global cyber intelligence collectors to identify, contextualize, and instrument current and emerging cyber threats.
• Developing and implementing security policies and procedures.
• Providing training and support to end-users on security best practices.
• Analyzing Emails for spoofing, reading and understanding email headers, and maintaining email gateway security controls.
• Assist with Identity and Access Management (IAM) operations.
• Perform real-time detection, analysis, and response to threats via Security technologies and platforms.
• Provides subject matter expertise when needed.
• Develop and mentor junior staff through open communication, training and development opportunities, and celebrate their success.
• Participate in On-Call rotations.

Skills & Experience Required:

• Bachelor's degree in Computer Science, Information Systems, related field, or equivalent experience.
• Security-based certifications preferred, such as CISSP, Security +, GCIH, GCFA/E, etc.
• 4+ years’ experience in some form of information security discipline; specialization in information security risk assessments and frameworks preferred.
• Experience with the NIST or ISO 27001/2 security frameworks.
• Strong problem-solving skills and self-motivation to learn and upskill regularly.
• Highly developed threat detection and incident response analytical skills.
• Experience working in a global hybrid environment and leading technical teams applying an agile methodology.
• Familiarity with SecOps methods, tools, and practices.
• Proven record of producing documentation relating to solutions for monitoring, processing, and alerting on security-based signals.
• The ability to work independently and across functional teams while developing key working relationships.
• Knowledge of the current threat landscape and attack vectors utilizing and massaging Threat Intelligence sources.
• Strong experience in engineering and supporting solutions including but not limited to:
• Modern EDR/XDR solutions and Web application security (OWASP top 10 Knowledge).
• Containers security (Docker and Kubernetes security).
• Cloud Security: AWS (Amazon Web Services) knowledge, AWS security products/logging services. (e.g., GuardDuty, CloudTrail), Azure security products/logging services.
• Deep understanding of the MITRE framework and tools (e.g., DeTT&CT Navigator).
• Experience on evaluating and prioritizing detection capabilities (log sources, requirements) based on MITRE ATT&CK coverage.
• IT experience and understanding of common devices, equipment, environments, network diagrams & systems.

Who We Are

We are a values-driven organization that encourages our employees to bring their authentic selves to work every day and empowers everyone to make a tangible impact on our products, clients, and culture. We offer a dynamic environment with driven, fun, and flexible individuals who thrive on challenge and responsibility. This is an opportunity to contribute to our culture and join a company that’s on the move.

We live the Poppulo values each day, as they are key to everything we do.

• Bring Your Best Self

We show up authentically, are self-aware and always strive to be better.

• See it. Own it. Solve it.

We proactively innovate and solve for our customers and each other. We set an example with high standards for our work. We foster a culture of learning, acknowledging our successes and our failures.

• Together We’re Better

We value and celebrate our diversity. We learn from others, respecting their expertise, and focus on building trust. That's what makes us a team.

Named a Great Place to Work in 2015, 2016, 2017, 2018, 2019, 2020, and 2021, we are a fast-growing global technology company, with offices in Ireland, the US, and the UK.

Poppulo is an equal opportunity employer.

We are committed to protecting your privacy. For details on how we collect, use, and protect your personal information, please refer to our Job Applicant Privacy Policy.