Security Engineer III jobs in United States
cer-icon
Apply on Employer Site
company-logo

Crane Worldwide Logistics · 1 month ago

Security Engineer III

positionHouston, TX
timeFull-time
remoteOnsite
senioritySenior Level
date7+ years exp

Crane Worldwide Logistics LLC is a leader in logistics, and they are seeking a Security Engineer III to support their security team projects and enhance their security posture. The role involves conducting risk analysis, proposing solutions for data protection, and collaborating with cross-functional teams to implement security measures.

Freight ServiceLogisticsSupply Chain ManagementTransportation
badNo H1Bnote

Responsibilities

Support security team projects such as threat modeling, vulnerability scanning and audits
Conduct design reviews, testing of new infrastructure, and uplift the security posture for existing environments
Build capabilities for automated evidence gathering through integration with our GRC platform
Execute risk and threat analyst activities, demonstrating findings from external and internal cyber trends and incidents
Propose and implement creative solutions to protect data across multiple platforms including endpoint, email, network, databases, and cloud applications
Collaborate with software engineers, DevOps and infrastructure teams, product owners, and across security teams to understand how data is used, what protections are needed, and implement solutions
Support incident and vulnerability response in collaboration with other products and security team
Drive security engineering projects to eliminate attack vectors, harden the platform, and enhance monitoring and intrusion detection systems
Lead discussions, assessments, tracking, and overall reporting of technology security risks
Manage the effectiveness of tooling, rationalizing tools as needed, and identifying tool requirements, as necessary
Coordinate with team members to maintain software and operate solutions
Engage with teams to identify shared problems and develop automation
Define metrics and key performance indicators to determine the effectiveness of the Security automation program
Assess APIs and application endpoints for security deficiencies
Lead cross-collaboration with other engineering and products teams and influence technical direction as well as provide guidance for complex infrastructure security engineering initiatives
Mentor team members while providing vision and setting technical direction for the team as a technical lead
Demonstrate technical leadership to manage and provide multiple technical solutions, perform code reviews, establish, and enforce coding guidelines and best practices
Serve as an internal security consultant to teams looking to make IT investments; ensure systems are designed in accordance with, and are aligned to Crane's security policies and standards
Influence the continuous improvement of the security program
Provide ongoing assessments of the evolution of incident response tools and capabilities
Perform ongoing monitoring of production security tools
Provide assistance to more senior level staff as necessary
Assist in the documentation of the security program
IAM - Solution research, assessment, deployment, and on-going support
IoT - Solution research, assessment, deployment, and on-going support
Physical Access Security - Solution research, assessment, deployment, and on-going support
Endpoint - Solution research, assessment, deployment, and on-going support
Vulnerability management - Review and triage of vulnerabilities discovered via scanning tools
Perform periodic penetration testing of networks, web-apps, wireless environments
Perform advanced threat hunting on an on-going basis
DLP with Data Classification - Solution research, assessment, deployment, and on-going support

Qualification

Threat modelingVulnerability scanningRisk management frameworksSecurity compliance monitoringCloud securityPenetration testingData Loss PreventionDevOps practicesCISSP certificationCustomer orientationCommunicationTime management

Required

Support security team projects such as threat modeling, vulnerability scanning and audits
Conduct design reviews, testing of new infrastructure, and uplift the security posture for existing environments
Build capabilities for automated evidence gathering through integration with our GRC platform
Execute risk and threat analyst activities, demonstrating findings from external and internal cyber trends and incidents
Propose and implement creative solutions to protect data across multiple platforms including endpoint, email, network, databases, and cloud applications
Collaborate with software engineers, DevOps and infrastructure teams, product owners, and across security teams to understand how data is used, what protections are needed, and implement solutions
Support incident and vulnerability response in collaboration with other products and security team
Drive security engineering projects to eliminate attack vectors, harden the platform, and enhance monitoring and intrusion detection systems
Lead discussions, assessments, tracking, and overall reporting of technology security risks
Manage the effectiveness of tooling, rationalizing tools as needed, and identifying tool requirements, as necessary
Coordinate with team members to maintain software and operate solutions
Engage with teams to identify shared problems and develop automation
Define metrics and key performance indicators to determine the effectiveness of the Security automation program
Assess APIs and application endpoints for security deficiencies
Lead cross-collaboration with other engineering and products teams and influence technical direction as well as provide guidance for complex infrastructure security engineering initiatives
Mentor team members while providing vision and setting technical direction for the team as a technical lead
Demonstrate technical leadership to manage and provide multiple technical solutions, perform code reviews, establish, and enforce coding guidelines and best practices
Serve as an internal security consultant to teams looking to make IT investments; ensure systems are designed in accordance with, and are aligned to Crane's security policies and standards
Influence the continuous improvement of the security program
Provide ongoing assessments of the evolution of incident response tools and capabilities
Perform ongoing monitoring of production security tools
Provide assistance to more senior level staff as necessary
Assist in the documentation of the security program
IAM - Solution research, assessment, deployment, and on-going support
IoT - Solution research, assessment, deployment, and on-going support
Physical Access Security - Solution research, assessment, deployment, and on-going support
Endpoint - Solution research, assessment, deployment, and on-going support
Vulnerability management - Review and triage of vulnerabilities discovered via scanning tools
Perform periodic penetration testing of networks, web-apps, wireless environments
Perform advanced threat hunting on an on-going basis
DLP with Data Classification - Solution research, assessment, deployment, and on-going support
Knowledge of risk management frameworks and applying risk methodologies
Understanding of conducting risk and/or self-assessment activities to identify key risk areas in the business
Experience associated with 3rd party risk assessments and understanding security in-depth principles to measure risk
Knowledge of security auditing procedures
Understanding of DevOps and CI/CD practices and tools
Enthusiasm for scalable, reproducible security management
Excellent verbal and written communication skills and excellent time management abilities
Strong customer orientation and excellent interpersonal and communication skills
7+ years of experience working with security frameworks and implementing cyber security controls across a heterogenous environment
Experience with public cloud architecture, cloud strategy, networking, security, and compliance workload types
Experience with traditional on-prem infrastructure management and auditing
High School or better

Preferred

Experience working on applications deployed within Azure and/or AWS is desirable
Experience working with advanced firewalls, DNS filtering, and log management systems is desirable
Experience working with advanced email filtering is desirable
Industry certification preferred in one of the following areas: (e.g., CISSP, CISM, CRISC, MS-500, or CISA)
Familiarity with standards such as ISO 27001/27002 or the NIST Cybersecurity Framework is desirable
Knowledge of current data privacy laws (CCPA and GDPR)

Benefits

Quarterly Incentive Plan
136 hours of Paid Time Off which equals 17 days for the year, that can be used for Sick Time or for Personal Use
Excellent Medical, Dental and Vision benefits
Tuition Reimbursement for education related to your job
Employee Referral Bonuses
Employee Recognition and Rewards Program
Paid Volunteer Time to support a cause that is close to your heart and contributes to our communities
Employee Discounts
Wellness Incentives that can go up to $100 per year for completing challenges, in addition to a discount on contribution rates

Company

Crane Worldwide Logistics

twittertwittertwitter
Glassdoor3.4
company-logo
Crane Worldwide Logistics is a supply chain company that provides individual solutions to address its client's logistics challenges.
dateFounded in 2008
location
Houston, Texas, USA
people-size1001-5000 employees
web-link
https://craneww.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Dylan Ross
CFO
linkedin
leader-logo
Jared Noynaert
VP Engineering
linkedin

Recent News

Satellite Today
Amazon Leo Lands Enterprise Customers in Logistics and Energy Operations
2025-11-23
EIN Presswire
Supply Chain Innovations Fuel Automotive Logistics Market to $433.6 Billion by 2031
2025-08-14
Business Wire India
Boomi Announces Its 2025 Customer Innovation Award Winners
2025-05-17
Company data provided by crunchbase