Security Engineer - Hybrid in Pittsburgh, PA

Location: Hybrid, Pittsburgh, PA
Job Type: Full Time / Permanent
Work Authorization: No C2C or Sponsorship

The A.C.Coy company has an immediate opening for a Security Engineer. This role will be responsible for improving the company's security platforms while managing and improving the overall infrastructure.

• Demonstrate expertise in information security solutions, operational practices, threats, and emerging technologies
• Provide Subject-matter-expertise and administer Palo Alto Panorama, PANOS, Prisma, and Wildfire solutions
• Lead and improve security event management processes, develop and execute SOP, and conduct incident response preparation, orchestration, investigation, and reporting
• Liaise with our managed security service providers and ensure continuous processes and relationship improvements and maturation
• Administer the Firm’s security solutions including, CrowdStrike EDR/NGAV, Identity Protection, and NG-SIEM, SEG, PAM/VPAM, EPM, vulnerability scanning, and other security related technology
• Develop methods and controls for migration-to-cloud strategies including CNAPP, CI/CD Pipeline, DevOps guardrails, and Azure CSP controls and monitoring
• Conduct threat and vulnerability analysis and coordinate attack surface reduction configuration implementation and patching remediation with technical stakeholders
• Maintain awareness of current and emerging threats, vulnerabilities, and vectors of attack and participate in threat modeling, analysis, and reporting
• Effectively deliver reliable and scalable solutions and services, aligned to the Firm’s client and shareholder requirements, that reduce risk and balance operational impact and usability
• Develop end user awareness training and reinforce security concepts through engagement, communication, and simulation
• Participate in security governance, develop policies, processes and procedures, measures, and metrics and ensure compliance with the Firm’s security requirements
• Deliver exceptional customer service and provide security and operational consulting, project and design support, cross-training, and troubleshooting to IT Administrators, staff, shareholders, clients, and vendors

Required Education

• Bachelor's degree in an Information Security, Computer Science, Business or Engineering related program; Advanced degree preferred.

Required Experience

• (5) years of experience in Information Security
• Knowledge and experience with varying information security processes and tools
• Ability to identify security technology risks
• Ability to visualize, plan and execute any areas of process improvement that increase the efficiency and delivery of our security capabilities
• Proficient knowledge of IP networking and public cloud security principles
• Experience managing information security platforms such as EDR, PAM, MFA, SIEM, and NGFW
• Expertise in malware detection technologies and remediation
• Experience in security event management and security incident response processes, tools, and procedures
• Expertise in the following technologies providers (or comparable): CrowdStrike, Palo Alto, Tenable, and Azure
• Expertise with network design, operation, security, and monitoring, Windows and Linux desktop/server and database security
• Experience with scripting and query languages such as python, PowerShell, CQL, and XQL
• Understanding of ISO/IEC 27001:2022 ISMS principles