HaystackID · 2 days ago
Senior Security Engineer
Wonder how qualified you are to the job?
Maximize your interview chances
IT ManagementLegal
Insider Connection @HaystackID
Responsibilities
Automate CIS hardening standards across all systems, minimize open ports, and implement controls to detect/record/correct deviations. Report on coverage status monthly.
Oversee vulnerability management system coordinating patch management to achieve KPI.
Lead technical security investigations, including directing the 3rd party Security Operation Center.
Lead technical incident response activities, including directing the 3rd party Managed Threat Response Team.
Audit user access review activities quarterly for identity systems including AD, Azure AD, role-based tools, groups memberships, and administrative or privileged accounts.
Audit user hardware life cycle weekly maximizing hardening and company control from drop shipment to retirement and destruction. Ensure KPIs for EDR, Configuration Management, and Encryption coverage are met.
Maintain the source of truth for applications and systems. Audit every system monthly for proper log forwarding and aggregation. Implement corrective action as necessary.
Maintain the source of truth for IP addresses and URLs. Use vulnerability management systems weekly to find rogue IP and URL use. Implement corrective action as necessary.
Maintain the source of truth for applications and systems. Audit every system quarterly for password policy enforcement, SSO, MFA, and other conditional access criteria. Implement corrective actions as needed.
Audit Enterprise Password Management/Remote Desktop Management system monthly to ensure correct use of shared accounts. Implement corrective action as necessary.
Review Corrective Action Plan with Security Committee monthly.
Provide and review reports including Vulnerability Management Report with Security Committee monthly.
Assist with any other assigned duties that may arise.
Provide mentoring and training to junior staff members.
Qualification
Find out how your skills align with this job's requirements. If anything seems off, you can easily click on the tags to select or unselect skills to reflect your actual expertise.
Required
University degree in the field of computer science and/or 10+ years of experience or equivalent work experience
Industry recognized certifications (CISSP, GCFA, GPEN, CEH, CCNA Security) or other equivalents
Qualified candidates must be legally authorized to be employed in the US and ITAR eligible
Benefits
Medical, Dental and Vision Insurance
Life, Short and Long-term Disability Insurance
401(k) after 90-days
PTO and Paid Holidays
Company
HaystackID
HAYSTACKID provides electronic discovery and forensic services and solutions to corporations and law firms.
Funding
Current Stage
Growth StageLeadership Team
Recent News
2024-03-01
Company data provided by crunchbase