Enterprise Security Engineer

Important Information

Experience: +5 years

Job Mode: Full-time

Work Mode: Work from home

Job Summary

We are looking for an Enterprise Security Engineer to join our Security team to help us deliver on several key initiatives for the company in the software and security engineering spaces. Through your work, you will dramatically improve our security posture through efforts in the following areas:

• Design, build and deploy automation to scale vulnerability discovery efforts
• Drive vulnerability remediation across prod, CORP, cloud, endpoint and mobile assets.
• Provide actionable security guidance to asset owners in an effort to speed up vulnerability remediation
• Endpoint hardening of Macs, PCs, Linux servers, Windows servers, network equipment, SaaS, etc.
• Compliance monitoring
• Device Attestation
• Email Security
• Data Loss Prevention
• Shadow IT identification and remediation
• Malware scanning and threat hunting

Responsibilities and Duties

• Fine tuning and maintaining of all security tools
• Evaluating new security solutions to identify Security Gaps and assist in remediation efforts to increase our security posture
• Develop and implement Security Orchestration Automation and Response (SOAR)
• Timely respond to security events, 0-day and outages
• Monitor adherence to standards and recommend improvements as needed

Qualifications and Skills

• 5+ years of relevant security engineering experience
• Up to date with recent security attack vectors and latest security research
• Knowledge of EDR, Web application firewalls, and Email security including DMARC/DKIM/SPF
• Ability to operate independently, to learn new concepts and adapt to shifting priorities
• Excellent communication skills and ability to communicate with multiple teams at the same time, across different time zones
• Familiar with security standards such as NIST, CIS Benchmarks
• Industry recognized security certification (CISSP, CISA, CEH, etc.)
• Experience with Threat Based Defense
• Experience building countermeasures based on the kill chain or ATT&CK Framework
• Familiarity with operating system internals and hardening
• Experience developing, deploying, and configuring security services and tools
• Understanding of authentication, authorization, and directory services

About Encora 

Encora is a global company that offers Software and Digital Engineering solutions. Our practices include Cloud Services, Product Engineering & Application Modernization, Data & Analytics, Digital Experience & Design Services, DevSecOps, Cybersecurity, Quality Engineering, AI & LLM Engineering, among others. 

At Encora, we hire professionals based solely on their skills and do not discriminate based on age, disabilit