Security Engineer

Thorlabs is pleased to play a role in advancing science through the components, instruments, and systems we design and manufacture. We believe that science and innovation have great potential to improve the world around us and are committed to advancing photonics (i.e., light-based) technologies that positively impact our customers, employees, and communities. Via educational outreach and more sustainable business practices, we continuously invest in a brighter future. We recognize that each of our employees is a unique individual with the ability to contribute to our success and seek to find great people who will thrive in our fun, fast-paced culture.

The Security Engineer is responsible for implementing, maintaining, and supporting security solutions and controls and processes across various security domains. This position focuses on improving the reliability and operational efficiency of security solutions while supporting ongoing and future cybersecurity initiatives. This hands-on Security Engineer works closely with other IT and security teams to ensure security services, such as cloud, network, systems, middleware, and endpoint security, are effectively deployed and configured to address potential threats.

 Although the location of the position is in Newton, NJ, from time to time it may be required to undertake duties at other Thorlabs locations.

Essential Job Functions include the following, but are not limited to:

• Assist in deploying and maintaining security solutions for IT infrastructure and applications.
• Support the development and implementation of automated security measures to identify and address vulnerabilities.
• Collaborate with IT Infrastructure and Security Operations teams to ensure security requirements are integrated into IT workflows and tools.
• Support vulnerability management processes, including assisting in the identification, prioritization, and remediation of security vulnerabilities.
• Monitor and analyze security systems to ensure optimal performance and compliance with company policies.
• Contribute to the integration of security processes into change management and infrastructure deployment workflows.
• Provide support for security assessments and testing activities to proactively identify and mitigate risks.
• Work closely with the Governance, Risk, and Compliance (GRC) team to support compliance activities and ensure adherence to regulatory frameworks.
• Partner closely with Security Operations Center (SOC) teams around detection, alert and Security Orchestration Automation and Response (SOAR).

In addition to the essential functions and duties listed above, all positions are also responsible for:

• Meeting company standards pertaining to quantity and quality of work performed on an ongoing basis, performing all work related tasks in a manner that is in compliance with all Company policies and procedures.
• Adhering to Company policies, procedures, and directives regarding standards of workplace behavior in completing job duties and assignments.

The Company retains the right to change or assign other duties to this position.

Physical Activities:

This is largely a sedentary role; however, it may require the ability to lift, bend or stand as necessary. The employee may occasionally lift or move objects up to 25 pounds.

Requirements

U.S. Person Required -

• Ability to work on ITAR related projects

Experience:

• 5-7 years of experience in IT or cybersecurity roles.
• Hands-on experience with at least two of the following areas: Security information and event management (SIEM), Network Security Tools (Firewalls, IDS/IPS, NAC), Endpoint Detection and Response (EDR), Cloud security tools.
• Application Security Tools (Web Application Firewall, Pen Testing)
• Experienced in Linux and Windows operating systems, and enterprise network equipment. Bonus: experience with Microsoft Sentinel, and Microsoft Defender suite of products.
• Experience with compliance and regulatory requirements, including GDPR, HIPAA, CCPA, and regulatory frameworks (PCI, NIST, CIS, ISO).

Education:

• Bachelor’s degree in computer science, Engineering, related field, or equivalent work experience.

Specialized Knowledge and Skills:

• Familiarity with cloud platforms like Microsoft Azure, Amazon Web Services (AWS), or Google Cloud Platform.
• Basic knowledge of security baselines, vulnerability management, and risk assessments.
• Proficiency in scripting languages such as PowerShell or Python.
• Understanding of cybersecurity fundamentals, including attack methods, risk mitigation strategies, and incident response.
• Certifications such as Security+, CCNA Security, or similar are preferred but not required.
• Strong communication and collaboration skills.
• Strong analytical and problem-solving skills, with the ability to anticipate and mitigate security risks effectively.

Thorlabs values its diverse environment and is proud to be an Equal Employment Opportunity/Affirmative Action Employer.  All qualified individuals will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. Job descriptions are not intended as and do not create employment contracts.  The organization maintains its status as an at-will employer.  Employees can be terminated for any reason not prohibited by law.

Benefits

Thorlabs offers a complete benefits package that includes medical, dental and vision insurance, company paid life insurance, a generous PTO package, a 401(k) plan, and tuition reimbursement just to name a few..