Holman is a family-owned, global automotive services organization anchored by our deeply rooted core values and principles that have enabled us to continue Driving What’s Right throughout the last century. Our teams deliver the Holman Experience by treating our customers and each other as we would like to be treated, and creating positive, rewarding relationships all around. The automotive markets Holman serves include fleet management and leasing; vehicle fabrication and upfitting; component manufacturing and productivity solutions; powertrain distribution and logistics services; commercial and personal insurance and risk management; and retail automotive sales as one of the largest privately owned dealership groups in the United States. Holman – a Computerworld 2024 “Best Places to Work in IT” company – is hiring a Security Solution Engineer with strong experience designing, implementing, and operating security controls in cloud environments for hybrid enterprise and public facing workloads to guide and support our cloud journey. Responsibilities: Designs and develops security solutions and controls for complex environments, ensuring the integration of security controls and compliance requirements. Collaborates with stakeholders to understand business requirements and translate them into effective security solutions and controls. Evaluate, deploy, and configure security tools and technologies to enhance the security posture of the organization. Provides security control knowledge and design concepts to Information Technology Teams Partners with vendors and internal teams to conduct assessments and optimization of security solutions and products to optimize value and effectiveness of solutions. Evaluates existing solutions, threat landscapes, and market capabilities and proposes changes to existing portfolio to improve effectiveness, cost, and efficiency of solutions. Maintain accurate and up-to-date documentation of security controls, configurations, and procedures. Researches, evaluates and recommends for enterprise level security products and technologies that align with the organization’s needs and goals. Leads the implementation and deployment of enterprise security solutions. This includes configuration, fine-tuning security controls, integrating them with existing systems, and ensuring proper functionality and interoperability. Create comprehensive documentation, including design documents, installation guides, and operational procedures, to support the deployment and maintenance of security solutions. Provide training and knowledge transfer to relevant teams to ensure proper use and administration of security tools. Stays abreast of the latest security trends, threats, and technologies through ongoing research and professional development. Proactively identify areas for improvement in security posture and recommend enhancements to security policies, procedures, and technologies. Leads escalated Incident Response activities as a Subject Matter Expert through the Incident Response life-cycle. Support the ongoing administration, design and use of the Security Tools. Continuously learn and stay updated on the latest security trends, technologies, and threats, and adapt to evolving security challenges. Advise management on best practices, current trends, and pertinent changes in internal/external threats and opportunities for improvement. This includes presenting action plans for mitigations and implementations. Performs enterprise scale control assessments based on Tactics, Techniques and Procedures (TTPs) and threat reports from information sharing organizations (US-CERT, FS-ISAC, etc.) Recommend and apply adaptive security measures based on investigative findings and threat monitoring. Leads collaborations with cross-functional teams, including IT, engineering, and business units, to achieve common security objectives and drive security initiatives forward. Partners with Development and Development Operations (DevOps) to integrate security controls. Provides guidance and support for peers and junior staff. Performs all other duties and special projects as assigned. Relevant Work Experience: 6-8 years of combined Information Security and Technical Engineering Experience. Strong experience and knowledge with operating systems, networking, cloud and security platforms tools. This includes assessing, designing, implementing, and maintaining systems and security controls. Strong experience with common information security management frameworks, MITRE ATT&CK, NIST Cyber Security Framework, NIST 800-53, CIS Critical Security Controls, International Standards Organization (ISO) 27001/27002 Robust breadth and depth of technical expertise in security operations and other related areas within information technology departments such as Infrastructure, Engineering, Networking or Development. Strong experience with securing cloud workloads primarily in Azure and implementing security controls in a cloud-native or hybrid architecture with public facing services. Strong proficiency in scripting and programming languages, such as Python or PowerShell. Knowledge of evaluating OWASP and integrating security controls into DevOps and Developer pipelines Education and/or Training: Bachelor’s degree in Information Security, Computer Science, Information Systems or relevant work experience. Security certifications such as Security+/GSEC/CISSP/other GIAC or advanced technical certifications are a plus but not required. Compensation: Starting at $135,000.00 USD
#LIREMOTE #LI-FB1 At Holman, we exist to provide rewarding careers and better lives for employees and their families. We hire, train, empower, and reward exceptional people. Our journey is guided by our desire to get it right every time and the acknowledgement that we have an opportunity to be better. To be better, we have to do better, and to do better we must know better. That’s why we are listening, open to learning new things – about ourselves and each other. We will never stop striving for improved diversity, equity, and inclusion because we are successful together when we feel trusted and supported. It’s The Holman Way. At Holman, your total compensation goes beyond your paycheck. To position you for success and provide a rewarding career and better life for you and your family, Holman is proud to offer you the benefits you deserve; including protection against illness, disability, loss of work, or preparation for retirement. Below is a brief overview of the programs available to full-time employees (programs may vary by country or worker type): Health Insurance Vision Insurance Dental Insurance Life and Disability Insurance Flexible Spending and Health Savings Accounts Employee Assistance Program 401(k) plan with Company Match Paid Time Off (PTO) Paid Holidays, Bereavement, and Jury Duty Paid Pregnancy/Parental leave Paid Military Leave Tuition Reimbursement Benefits: Regular Full-Time We offer excellent benefits including health, vision, dental, life and disability insurance, and 401(k) with company match. Our time off benefits include Paid Time Off (PTO), paid holidays, bereavement, and jury duty. In addition, we offer paid pregnancy and parental leave, and supplemental paid military leave to eligible employees. Click here for Washington State benefit information. Temporary or Part-Time In geographic areas with statutory paid sick leave, part-time and temporary employees will receive a paid sick leave benefit that meets the mandated requirements. Click here for Washington State benefit information. Pay: We offer competitive wages that are commensurate with job-related skills, experience, relevant education or training, and geographic location, starting in the range of $97,450.00 – $141,300.00 USD annually for full time employees. The annual compensation range is comprised of base pay earnings. Holman provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws. This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.
infrastructure systems powershell Python MITRE ATT&CK Azure OWASP Networking Information security remote work DevOps cloud-computing Engineering Software Developer operating-systems