EVOTEK is North America’s premier enabler of secure digital business focused on innovation. With an integrated set of technical domains, including data center, network, security, cloud, and communications, EVOTEK provides a cohesive approach to digital initiatives while driving business impact. In addition to technical solutions, EVOTEK offers advisory services and strategic sourcing to help bridge the gap between IT and business, reducing functional silos and facilitating alignment. EVOTEK was named Inc. Magazine’s “Best Places to Work” in 2018, 2020, and 2022. In addition, for seven consecutive years, EVOTEK was listed in The San Diego Business Journal’s “Best Places to Work” and recognized in CRN’s “Solution Provider 500” list, CRN’s “Next-Generation 250” list, CRN’s “Triple Crown” and highlighted as CRN’s “Top 150 Growth Companies”. Role Summary The Security Engineer is responsible for testing, installing, configuring, and maintaining security solutions/tools as well as monitoring infrastructure (networks and systems) for unusual activity, security breaches, and/or intrusions. This individual will work closely with client teams on the implementation, maintenance, and administration of security tools. Additionally, Security Engineers communicate findings, incidents, and concerns to relevant team members and leadership in a timely manner and work with teams to address and remediate those findings and concerns. The Security Engineer may also be engaged in Resident Engineer positions with specific clients. These Resident engagements are longer-term contracts where the Security Engineer is effectively dedicated to a specific client full-time for a defined period (typically 3-, 6-, or 12-month engagements). Working with client and team members to develop and document security standards and policies. Assisting with installation, configuration, and operation of new security products and procedures. Deploying, troubleshooting, maintaining, and administering security solutions (such as Endpoint Protection, SIEMs, Vulnerability Management solutions, email security gateways, event logging solutions, etc.). Discovering and recommending security enhancements to client teams. Participating in, or conducting, vulnerability scans of client environments. Working with client teams prioritize and remediate discovered vulnerabilities. Undertaking system and infrastructure hardening efforts per standardized benchmarks (E.g.: CIS benchmarks, CIS-CAT assessments, NIST standards, etc.). Installation and configuration of solutions that monitor for and notify when unusual behavior is detected. Monitoring infrastructure for security breaches or intrusions (via security tools and solutions). Monitoring for irregular system behavior. Ensuring that client organizations have detailed, timely, and accurate information regarding security concerns, security findings, and incidents. Participating in, and sometimes leading, incident response activities. Participating in, and sometimes leading, investigations into how incidents and/or breaches occur. Participation in security tabletop exercises. Assisting with the education of client staff members on information security through training and awareness. Developing automation solutions (scripts, etc.) to handle and track incidents. Testing security solutions using industry standard analysis criteria. Helping plan and implement an organization’s information security strategy. Recommending modifications with regards to legal, technical, and regulatory areas. 5-10 years’ experience in Information Security and Engineering. A strong background in both data / information security and system engineering. Possession of both deep and wide expertise in the security space. Having a breadth of experience with security solutions and concepts overall, while also having deep knowledge of several specific security solutions/tools. Experience deploying, troubleshooting, integrating with, managing, and maintaining security solutions (think email security gateways, network security tools, SIEMs, Antivirus/EPP technologies, etc.). Experience monitoring infrastructure and systems for security breaches or intrusions. Familiarity with regulatory requirements (GDPR, CCPA, HIPAA, PCI DSS, etc.). Deep understanding of server operating systems (Windows Server and Linux [multiple variants] are most common). Experience with AWS and/or Azure environments is a plus. Experience with MS 365 is a plus. Experience in some specific industry verticals (healthcare, biotechnology, government, department of defense) is helpful. Excellent communication skills, both written and verbal. Documentation of security tools, deployment configuration, incident reports, etc. Communication with client teams on the above as well as clear explanation of concerns, findings, and incidents. Salary commensurate with years’ of experience, technical expertise and geographic location. Salary range: $100,000 to $150,000. Performance bonuses. Benefits package that includes 100% paid medical, dental and vision for the employee. 401(k) with employer match. Strong company culture. Flexible PTO policy. Flexible working arrangements. Annual company overnight retreat (employee + significant other) Equal Opportunity Employer EVOTEK believes that everyone has the ability to make an impact, and we are proud to be an equal opportunity employer committed to providing employment opportunity regardless of sex, race, creed, color, gender, religion, marital status, domestic partner status, age, national origin or ancestry, physical or mental disability, medical condition, sexual orientation, pregnancy, military or veteran status, citizenship status, and genetic information. #J-18808-Ljbffr
Data Center Vulnerability management Amazon Web Services (AWS) Azure HIPAA Linux PCI DSS Communication cloud-computing Security ccpa Microsoft 365 GDPR Windows Server