Lead Security Engineer - Encryption - Full-time / Part-time

POSITION PURPOSE -
Lead Security Engineer is responsible for engineering aspects of the company’s Public Key Infrastructure (PKI) and encryption services. The encryption team supports both internally and externally hosted Certification Authorities (CAs), a centralized Certificate Lifecycle Management (CLM) system, Hardware Security Modules (HSMs). The encryption team also provides support across the enterprise regarding data protection and cryptography technologies.

Scope of Activities:

• Design and lead the encryption domain by aligning business requirements and IT strategies, detecting critical deficiencies, and recommending solutions for continuous improvement.
• Monitor and administer certificate usage/deployment/expiration and ensure compliance with corporate security standards
• Design and assist in testing changes/additions to the encryption infrastructure
• Lead the definition of POCs around PKI, encryption and other certificate related technologies
• Ensure 24x7 uptime of encryption services
• Document, recommend and review encryption projects (for example, business requirements, architectural design and build/operate artifacts).
• Work with information security leadership and cross-functional teams to develop strategies and plans to enforce security requirements and address identified risks.
• Involved in planning the delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
• Provides second- and third-level support and analysis during and after security incidents.
• Research and assess new threats and security alerts and recommend remedial actions.

MAJOR TASKS, RESPONSIBILITIES AND KEY ACCOUNTABILITIES - 
Lead investigation of high level complex violations of Information Security Policies and direct activity to analyze forensic data from Sr. Analysts. Develop recommendations and take appropriate action. 

Present to Information Technology management development/implementation plan for secure solutions. 

Present findings to manager on compliance reporting for Information Securities Policies. 

Drive the Disaster Recovery and Business Continuity strategy. 

Provide technical direction to analysts, associates and contractors. 

Develop Information Security Policies, Standards and Guidelines. 

Automate access provisioning across supported systems and applications with documentation. Direct, define and provide audit reporting. 

NATURE AND SCOPE - 
Typically reports to Manager, Information Technology 

No associates report to this role on a permanent basis, but requires the leadership of a work group: assign and review work, train and contribute to performance appraisal (but not hiring, firing or disciplinary action). 

ENVIRONMENTAL JOB REQUIREMENTS - 
Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable. 

Typically requires overnight travel less than 10% of the time.

MINIMUM QUALIFICATIONS - 
Must be eighteen years of age or older. 
Must pass the Drug Test. 
Must successfully complete any required training or orientation courses. 


EDUCATION REQUIRED - 
The knowledge, skills and abilities typically acquired through the completion of a high school diplomas and/or GED. 

YEARS OF RELEVANT WORK EXPERIENCE - 3


PHYSICAL JOB REQUIREMENTS - 
Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles. 

ADDITIONAL QUALIFICATIONS - 
Direct hands-on experience with one or more of the following InfoSec solutions: Anti-Virus, intrusion detection, firewalls, content filtering, rick assessment. 

PREFERRED QUALIFICATIONS - 

• Bachelor's degree in computer science, systems analysis or a related study, or equivalent experience.
• Minimum 3 years of experience related to leading cryptographic principles and concepts, including architecture, design, monitoring, management, and operations
• System administrative skills for both Windows and Linux OS
• Proficient in the submitting configuration change requests for Firewalls, Load Balancers and 2-factor authentication
• Exceptional interpersonal skills in areas such as teamwork, facilitation and negotiation.
• Strong leadership skills.
• Excellent analytical and technical skills.
• Excellent written and verbal communication skills.
• Excellent planning and organizational skills.
• Knowledge of business process re-engineering principles and processes.
• Basic knowledge of financial models and budgeting.
• Understanding of the political climate of the enterprise, and how to navigate the political waters.
• Ability to understand the long-term ('big picture') and short-term perspectives of situations.
• Ability to estimate the financial impact of technical architecture alternatives.
• Ability to apply multiple technical solutions to business problems.
• Ability to quickly comprehend the functions and capabilities of new technologies.
• Thorough understanding of Information Security frameworks and best practices (e.g. ISO, NIST),

Characteristics:

• Works well with others.
• Is a respected leader.
• Is charismatic.
• Remains unbiased toward any specific vendor or technology choice; is more interested in results than personal preferences.
• Displays intellectual integrity.
• Is motivated by long-term results.

KNOWLEDGE, SKILLS, ABILITIES AND COMPETENCIES - 
Assessment tools, technologies and methods. 

Designing secure network, systems and application architectures. 

Disaster recovery, computer forensic tools, technologies and methods. 

Planning, researching and developing security policies, standards and procedures. 

System administration role with experience in supporting multiple platforms/applications.