Sr. Information Security Engineer

Florida Crystals is a leading domestic sugar producer and North America’s first fully integrated cane sugar company, guiding our sugar from farm to table.  We are America’s first and only producer of certified organic sugar, grown and harvested in the United States. Our renewable energy facility is the largest of its kind in North America and provides clean energy that powers our sugar operations, which helps us reduce our use of fossil fuels.  Florida Crystals also sustainably farms rice, sweet corn and other vegetables in rotation with our sugarcane.  Our rice mill is the only rice mill in Florida. 

OVERVIEW

The Sr. Information Security Engineer position reports directly to the Sr. Manager of Information Security. The primary focus of this position is to implement and administer security solutions, participate in hardening and evolving the company’s existing security posture, and provide threat modeling, risk mitigation, and incident response expertise. In addition, the Information Security Engineer will collaborate with senior IT and business management to advance the security strategy and drive the execution of the security roadmap.

DETAILED ROLES & RESPONSIBILITIES

• Implement and administer security solutions across various domains, including endpoint, business applications, data, cloud and on-prem infrastructure, mobile, networking, and operational technology.
• Create, manage, and update Standard Operating Procedures as needed.
• Function as a Subject Matter Expert (SME) regarding security integrations and authentication elements such as firewall, network security, conditional access, VPN, zero trust network architecture, network microsegmentation, SSO federation, and email security solutions.
• Work closely with the Security Engineer(s), Infrastructure, Partners, and Solutions teams to ensure designs are functionally sound and based on best practice security standards.
• Respond swiftly and decisively to security issues, incidents, or demands as they arise.
• Coordinate inner team and cross-team communications and activities that improve and sustain operational security functions related to support, maintenance, optimizations, and projects as warranted.
• Provide relevant security training to team members to improve their skills and abilities as security professionals.
• Stay current on modern-day security practices and techniques and evaluate new offerings and methodologies that potentially minimize the company’s security risk on an ongoing basis.
• Establish a threat modeling methodology to identify, classify, prioritize, and report on cyber threats using a structured approach.
• Collect information on threats to the organization through communication with other partner institutions, mailing lists, open-source news, and industry partnerships.
• Provide awareness to internal teams and leadership on changes to the cyber threat landscape.

WORK EXPERIENCES

• 5+ years of experience as an IT Security professional with at least 3 years operating and leading solutions in a hybrid environment.
• Broad security knowledge working in a heterogeneous environment of diverse applications, systems, databases, SaaS solutions, and on-premise as well as cloud-based security offerings.

EDUCATION REQUIREMENTS

• A minimum of a Bachelor’s Degree in Information Systems, Computer Science, Engineering, or equivalent experience.
• In lieu of a Bachelor’s Degree, 5+ years of relevant field experience will be considered.
• Relevant certifications preferred.

ESSENTIAL CAPABILITIES (KNOWLEDGE, SKILLS, ABILITIES, AND PERSONAL ATTRIBUTES)

• Significant understanding and experience working in complex and distributed IT environments, applying security expertise involving both on-premise and cloud-based solutions.
• Strong expertise with Cloud Security, Network Security, and Firewall Technologies
• Strong understanding of security and risk mitigation strategies.
• Expert understanding of security strategies and platforms, identity and access management, multi-factor authentication, and related security protocols.
• Working understanding of security architecture models and experience with application security is preferred.
• Ability to create clear and concise documentation targeted at the appropriate audience – IT executives, internal business clients, and technical teams.
• Demonstrated knowledge of common adversary tactics, techniques, and procedures (TTPs).
• Intimate knowledge of relevant network defense and intelligence frameworks.
• Experience with collecting, analyzing, and interpreting technical data from multiple sources, documenting the results, and providing meaningful analysis products.
• Must demonstrate assertiveness and leadership qualities, deliver excellence in verbal and written communication, and prioritize effectively.
• Must be capable of creating architecture and related documents for pre-existing solutions and implementations.
• Must be capable of collaborating with others regarding critical security decisions and policy and have others feel their input is being considered when decisions affect multiple teams and/or the business.

LOCATION OF ROLE

West Palm Beach, FL.

We are an equal opportunity employer. We do not discriminate on the basis of race, color, creed, religion, gender, sexual orientation, gender identity, age, national origin, disability, veteran status or any other category protected under federal, state, or local law.  All employment is decided on the basis of qualifications, merit, and business need.