Information Security Engineer II
US - MI - Southfield
Who we are
Stefanini is a full service global provider of offshore, onshore and nearshore IT services, including application development and outsourcing services, IT infrastructure outsourcing (help desk support and desktop services), systems integration, consulting and strategic staffing to Fortune 1000 enterprises around the world. We have over 25,000 employees across 77 offices in 41 countries across the Americas, Europe, Africa, Australia, and Asia.
What will you do?
The Information Security Engineer is a key member of the Risk and Compliance Team with high visibility and significant responsibility supporting the enterprise. The Information Security Engineer will help plan and carry out Stefanini’s information security strategy. They will recommend security enhancements to management as needed. They will help develop strategies to respond to and recover from a security breach.
This position requires strong analytic skills, good collaboration skills, excellent customer service skills, detailed working knowledge of current and emerging security technologies. The candidate must be a strong multi-tasker with a keen eye for detail. It is a key requirement of this position to be able to quickly and efficiently resolve security issues while maintaining high levels of operational metrics.
What do you need to succeed?
- Perform Security Risk Assessments by analyzing the infrastructure to determine vulnerabilities, recommend safeguards to mitigate risk, and perform compliance reviews to ensure applications and servers are operating in accordance with established policies and procedures.
- Work with Infrastructure Support Teams to deploy and maintain security tools, such tools as SIEM, IDS/IPS, HIPS, Anti-Virus & Malware analysis and protection, content filtering, logical access controls, identity and access management, data loss prevention, application firewalls, vulnerability scanners, forensics software, ITSM, and encryption in order to support security across Stefanini’s information assets.
- Ensure authorized access by investigating improper access; revoking access; reporting violations; monitoring information requests by new programming; recommending improvements.
- Perform project leadership tasks on select security projects.
- Support new security project evaluations.
- Provide assistance, guidance, support & remediation of security architectural/technical issues to both the business and internal IT.
- Properly document all systems security implementation, operations, and maintenance activities and update as necessary
- Participate in the change control process as an advocate to keep information security integrated & involved in all changes.
- Support information security audit information gathering, review & remediation.
- Participate in security compliance efforts (e.g. ISO 27001, HIPAA, EU Data Privacy)
- Continually review and enhance existing knowledge of the security aspects of common product sets and technologies.
- Work with stakeholders to resolve computer security incidents and vulnerability compliance.
- Provide advice and input for Disaster Recovery, Contingency, and Continuity of Operations Plans.
Skills, Licenses, Knowledge, Education and Training Requirements:
- Bachelor Degree in Computer Engineering, Computer Science or Information Systems or equivalent work experience in system, network, and/or application security
- At least 3 years of demonstrated experience in system, network, and/or application security within a mid-sized to large ICT organization
- Security+, GICSP, CISSP certification or similar desired
- Skill in assessing security controls based on cybersecurity principles and tenets. (e.g., CIS CSC, NIST SP 800-53, Cybersecurity Framework, etc.)
- Must have experience with security-related technologies including active directory, firewalls, intrusion detection/prevention systems, application white-listing, server configuration controls, logging and monitoring tools, antivirus systems, network monitoring and network-based security facilities.
- Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes.
- Intermediate to advanced level device configuration changes, network troubleshooting and security-related issues
- Professional experience in a system administration role supporting multiple platforms and applications
- Ability to read and use the results of mobile code, malicious code, and anti-virus software
- Excellent problem solving skills and keen ability to diagnose and troubleshoot technical issues
- Experience with the application of threat modeling or other risk identification techniques
- Ability to communicate technical details in a clear manner
- Ability to coach and mentor all levels of skillset within the team
- Sound business judgment, critical thinking, presentation, and superior written and verbal communications skills
- Off-hour availability during security incidents and operational emergencies
- Ability to work in a fast-paced environment
- Ability to manage multiple projects and deadlines
- Attention to detail with emphasis on accuracy and quality
- Dedication to client service and passion for learning
- Well spoken, articulate, attention to detail with excellent writing abilities
- Must possess a strong service mindset
What you’ll get
- Work with brilliant minds, often within a global capacity;
- Comprehensive Benefits package that includes 401(k), paid time off, tuition reimbursement, medical, dental and vision insurance, and much more;
- Opportunity to participate in professional development eLearning programs within the Stefanini University, and other virtual training as well.
Why we’re different
- Brazilian and privately owned company;
- Agility, flexibility, and innovation are in our DNA;
- Flat organizational structure which enables faster communication and decision making;
- Open floor plan environment where collaboration is highly encouraged!
Take a look for yourself
Here's one of our own, talking about the culture, space and growth opportunities: https://www.youtube.com/watch?v=j8O37KNINdY
This position is based out of our North America / APAC Corporate office at 27100 W 11 Mile Road, Southfield, MI 48034.