Job Summary
Information Security is crucial at UniFirst and is part of a broader Information Governance, Risk, and Compliance program within IT. The Information Security Engineer will be a key factor in leveraging the current implemented security technologies and enhancing related processes and procedures.
The Information Security Engineer is responsible for discovering, evaluating, and delivering security technologies to protect all sensitive information. The Security Engineer will provide technical knowledge and analysis to include applications, operating systems, vendor risk management, incident response and security awareness and training.
Job Detail
- Contribute to the implementation of UniFirst’s security controls environment
- Provide consultation for configuration of technologies managed by IT Infrastructure
- Maintain and continuously improve the security incident response plan
- Helping with the resolution of security incidents and determining root cause
- Establish baselines and monitor/report on trends and anomalies
- Acts as a principal resource for escalated security incidents and response
- Work together with all teams to fine-tune infrastructure/application/database protection and provide input for secure software development
- Conduct examinations of system logs, applications, and networks security events
- Support Security Operations Center team
- Providing security support for application and infrastructure related projects
- Conducting Security Risk Assessments on new and existing technologies
- Partner in the vulnerability management program
- Will be a critical partner in driving an improved overall security posture
Qualifications
Experience
- Must have 3+ years of experience as a Security Engineer
- Familiar with security related frameworks including CIS20, NIST and PCI
- Experience with Incident Management programs
- Experience in intrusion detection and analysis
- Knowledge of SPLUNK, Nessus, eMail gateway, O365, and Palo Alto technologies
- Experience monitoring, investigating, and solving IT security related concerns
- Strong interpersonal skills including strong written and oral communication skills
- Experience with building & managing user awareness training programs
- Ability to multi-task and balance priorities
Education
- Bachelor’s degree in Computer Science, Information Systems, or related discipline preferred or equivalent job experience
- CISSP certification(s) preferred.