Senior / Lead Information Security Engineer - WorkWave

Company Description

IFS is a billion-dollar revenue company with 6000+ employees on all continents. Our leading AI technology is the backbone of our award-winning enterprise software solutions, enabling our customers to be their best when it really matters–at the Moment of Service™. Our commitment to internal AI adoption has allowed us to stay at the forefront of technological advancements, ensuring our colleagues can unlock their creativity and productivity, and our solutions are always cutting-edge.

At IFS, we’re flexible, we’re innovative, and we’re focused not only on how we can engage with our customers but on how we can make a real change and have a worldwide impact. We help solve some of society’s greatest challenges, fostering a better future through our agility, collaboration, and trust.

We celebrate diversity and understand our responsibility to reflect the diverse world we work in. We are committed to promoting an inclusive workforce that fully represents the many different cultures, backgrounds, and viewpoints of our customers, our partners, and our communities. As a truly international company serving people from around the globe, we realize that our success is tantamount to the respect we have for those different points of view.

By joining our team, you will have the opportunity to be part of a global, diverse environment; you will be joining a winning team with a commitment to sustainability; and a company where we get things done so that you can make a positive impact on the world.

We’re looking for innovative and original thinkers to work in an environment where you can #MakeYourMoment so that we can help others make theirs. With the power of our AI-driven solutions, we empower our team to change the status quo and make a real difference.

If you want to change the status quo, we’ll help you make your moment. Join Team Purple. Join IFS.

Job Description

WorkWave is a field service management software that provides SaaS solutions for businesses in the service industry (HVAC, Plumbing & Electrical, Cleaning, Lawn & Landscape, Home Delivery, Logistics & Distribution). We empower these businesses to deliver exceptional customer experiences and grow their customer base on our efficient and easy-to-use platform.

WorkWave Team is looking for innovative Information Security Engineers who want to be part of a team of creative and talented individuals.  Our teams are a mix of technologists, product managers, development engineers, and UI/UX designers, all working together to deliver our vision.  You will be a part of our WorkWave team, helping to develop & support the WorkWave products

The ideal candidate will have a strong background in security operations, infrastructure security, risk management, and compliance. This role is crucial in ensuring our systems and data remain secure, compliant, and resilient against threats.

Responsibilities 

• Architect and enforce robust security frameworks across AWS and Azure platforms.

• Manage Cloud Security Posture, ensuring cloud environments are secure and compliant.

• Implement and monitor identity and access management solutions in cloud infrastructure.

• Implement and configure cloud-based security solutions, including AWS and Azure specific solutions like CloudTrail, GuardDuty, AWS WAF, Azure WAF, etc.

• Monitor security tools and review logs for anomalies to detect and respond to threats in a timely manner.

• Conduct thorough incident response and forensic analysis.

• Provide timely issue resolutions by evaluating, tracking, escalating, managing all requests/problems reported

• Take ownership of security incidents, driving swift detection, analysis, containment, and remediation.

• Manage and configure SIEM systems (e.g. Splunk) to enhance security posture; monitor, analyze, and visualize security data.

• Implement and manage web applications and network firewalls.

• Secure on-premises, hybrid, and cloud infrastructures, focusing on system integrity and availability.

• Conduct regular network and system security audits.

• Design and maintain secure network architectures, implement firewall rules, and safeguard network traffic from malicious actors.

• Manage and monitor the company's network security infrastructure, including firewalls,

• intrusion detection/prevention systems, cloud gateways, email servers, endpoint protection systems, Extended detection and response (XDR) and VPNs.

• Perform Firewall audits and segmentation tests as required by compliance guidelines.

• Oversee patch validation and management processes.

• Ensure robust identity and access management protocols are in place.

• Validate disaster recovery (DR) and business continuity planning (BCP) processes.

• Conduct enterprise risk assessments and manage mitigation strategies.

• Develop, implement, and maintain cloud security policies and procedures.

• Assess and manage vendor compliance and third-party risks.

• Conduct privacy management and data protection assessments.

• Design and validate secure architecture solutions.

Qualifications

• Bachelor’s degree in Computer Science, Information Security, or related field.

• Expertise in cloud platforms (AWS, Azure), with relevant certifications (e.g., AWS Certified Security Specialty, Microsoft Certified: Azure Security Engineer, Splunk security admin or equivalent).

• 4-5 years of experience in information security or a related field.

• Hands-on experience with security operations in a complex, dynamic environment.

• Proven track record of managing compliance initiatives and security audits.

• Experience in developing and implementing security policies and procedures.

• Experience in DevSecOps practices and CI/CD pipeline security.

• Strong understanding of network security principles, protocols, and technologies (e.g., firewalls, VPNs, IDS/IPS).

• Strong understanding of security compliance frameworks (PCI DSS, SOC, ISO, PrivacyShield/Data Privacy Framework).

• Proficiency in security tools and technologies, including SIEM, firewalls, IDS/IPS, and endpoint protection.

• Experience with threat detection, incident response, and forensic analysis.

• Knowledge of cloud security principles and practices, particularly with AWS, Azure, or Google Cloud.

• Strong knowledge of network security, system security, and secure architecture design.

• Experience with enterprise risk management and vendor compliance assessments.

• Excellent communication skills, with the ability to train and raise security awareness among employees.

• Strong analytical and problem-solving skills, with the ability to handle complex security incidents.

Additional Information

We believe that coming together as a community, in person, is important for innovation, connection and fostering a sense of belonging. Our roles have the right balance of remote and in-office working to enable flexibility for managing your life along with ensuring a real connection with your colleagues and the broader IFS community.