We use cookies. Find out more about it here. By continuing to browse this site you are agreeing to our use of cookies.
#alert
Back to search results

Senior Security Engineer

BI Incorporated
dental insurance, life insurance, vision insurance, flexible benefit account, paid time off, paid holidays, tuition reimbursement, 401(k), employee discount
United States, Colorado, Boulder
6265 Gunbarrel Avenue (Show on map)
Nov 15, 2024
Benefits Information

This is a remote position

This job posting is anticipated to remain open until November 15th, 2024.

Full-time employees will enjoy a competitive benefits package with options for you and your family including:

* Paid Time Off

* Paid Holidays

* 401(k) Matching

* Health Insurance

* Vision Insurance

* Life Insurance

* Health Savings Account

* Tuition Reimbursement

* Employee Discount

* Reduced Tuition Rates

* Disability Insurance

* Employee Assistance Program

* 401(k)

* Pet Insurance

* Dental Insurance

* Paid Training

* Flexible Spending Account

The compensation and benefits information is accurate as of the date of this posting. The Company reserves the right to modify this information at any time, with or without notice, subject to applicable law.

Equal Opportunity Employer


Overview

BI is one of the leading technology companies in Boulder, Colorado and the largest provider of innovative electronic monitoring solutions in the United States. We excel at proving technological solutions to over 1,000 agencies nationwide and allowing those agencies to fulfill their missions without worrying about the technical complexities.


Qualifications

Minimum Requirements
  • Bachelor's Degree in Information Systems, Computer Science or related field or equivalent experience.
  • Security-related certifications, CISSP preferred.
  • At least five (5) years of experience in the following areas:
    • Computer network and/or system infrastructure operations, design, and with an IT security focus.
    • Governance, Risk, and Compliance activities in a FISMA or FedRAMP environment.
    • Cloud deployments and security tools used for protecting, detecting, and responding to security threats.
  • Ability to pass a federal background check and obtain a suitability determination.
  • United States citizenship required.
  • Must live in the US 3 of the last 5 years (military and study abroad included).
  • In-depth knowledge of network and security principles, systems, hardware, and cloud platforms.
  • In-depth knowledge of SSL and encryption and secure communications.
  • In-depth knowledge of DNS systems.
  • In-depth knowledge of UNIX/Linux.
  • In-depth knowledge of Windows Server, Microsoft SQL Server and PaaS/SaaS Applications.
  • In-depth knowledge of networking systems and heterogeneous routing hardware.
  • In-depth knowledge of networking and security equipment from major IT Security vendors.
  • In-depth knowledge of TCP/IP, and client-server technologies.
  • Ability to communicate technical issues to all levels of management and diverse internal and external contacts at all levels in comprehensible terms.
  • Ability to share knowledge and experience and to provide mentorship to team members in a collaborative team environment.
  • Ability to provide detailed and summary documentation for various purposes and audiences.
  • Strong documentation, communication (written and verbal), and collaboration skills.
  • Business knowledge and understanding of how security integrates into the business.
  • Ability to work with computers and the necessary software typically used by the department.

Working Conditions: Encountered on a regular basis as part of the work this job performs.

  • Typical office environment.
  • Provides on-call security support after standard business hours 24 x 7 on a rotating basis.

BI Incorporated


Responsibilities

Summary

The Senior Security Engineer, is a technical role and engineering team leader responsible for ensuring the confidentiality, integrity, and availability of BI Inc. computer systems including servers, workstations, network connections, storage, applications, and data. Leads security engineering technical activities, including detection and incident response, and ensures the successful design, deployment, and monitoring of security services. Assists the compliance team to ensure BI adheres to applicable laws and regulations and select security frameworks such as FISMA, FedRAMP, DHS 4300A, SOX, PCI-DSS, and others based on contractual requirements.

Primary Duties and Responsibilities

  • Collaborates with Developers, Network Engineers, Systems Administrators, and Database Administrators to ensure the secure configuration of the IT infrastructure and applications, to address vulnerabilities and other risks, and respond to security threats.
  • Researches, designs, and implements new security services in accordance with the BI security strategy and roadmap.
  • Administers and develops operations guides and playbooks for the management of security services such as endpoint detection and response, vulnerability management, and logging and alerting tools.
  • Ensures compliance to applicable laws and regulations and selects security frameworks such as FISMA, FedRAMP, DHS 4300A, SOX, PCI-DSS, and others based on contractual requirements.
  • Troubleshoots and resolves problems with BI security services.
  • Reports on key security metrics.
  • Performs threat hunting and monitors the threat landscape for potential security impacts to BI and takes appropriate actions based on identified Indications of Compromise (IOC).
  • Oversees and performs penetration, vulnerability, and configuration testing of all systems in order to identify system weaknesses using internal tools or in conjunction with outside vendors.
  • Monitors server logs, firewall logs, intrusion detection logs, and network traffic for unusual or suspicious activity. Interprets logs, responds to alerts, and implements or makes recommendations for resolution.
  • Provides Tier 3 support for virus or malware issues on endpoints and servers to ensure the security of all BI endpoints.
  • Develops implements, maintains, and oversees enforcement of security policies, procedures, and associated plans based on company requirements, industry standards, and best practices.
  • Keeps current with emerging security threats and issues to be able to respond quickly and appropriately.
  • Incorporates industry standard best practices and implements technical and administrative controls in accordance with the NIST cybersecurity framework (CSF) and Risk Management Framework (RMF).
  • Audits end-user accounts, permissions, and access rights for all corporate systems.
  • Ensures security is integrated with DevOps processes, including assessment and approval of code and hardening activities to BI systems, and performs security audits of new applications and systems prior to production implementation.
  • Tracks, assesses, and monitors the application of security controls in the systems security plan, and provides regular reports as required.
  • Supports the change control management process by reviewing existing configurations and proposed changes, and performing risk analysis to determine the overall security risk of the change on the enterprise network to make an approval recommendation.
  • Performs other duties as assigned.
Applied = 0

(web-5584d87848-99x5x)