The System Security Engineer is directly responsible for the deployment, operations and maintenance of security tools and capabilities in on premise and AWS cloud environments. This position is a hands-on, operational engineering role with a programmatic element to help shape the security controls, technologies and architecture. This role covers corporate and member facing security technologies. KEY RESPONSIBILITIES Responsible for assisting the CISO with building security operations, administration of logical and physical access, monitoring of threats against the organization and membership, vulnerability management, intrusion detection/prevention, malware detection/prevention/analysis, data loss prevention, forensics, incident response, key management, and event logging/correlation. Design, deploy, operate and maintain security tools and capabilities in enterprise on premise and Cloud environments including: Qualys, TrendMicro Deep Security, Proofpoint, GuardDuty, Redlock, Akamai, O365 and others. Select, implement and oversee the implementation of security, controls, templates and policies to comply with Fedramp security requirements. As appropriate, serve as project manager/lead within IT security project deployments, gather technical requirements, develop project scoping documents, prepare deployment schedules and assess resource requirements and constraints. Assist with development of information security processes and procedures in support of the information security office. Provide input to the security and technology roadmaps As part of the team, liaison with business stakeholders and technologists to understand integration requirements with external systems, networks, and organizations. Assess system designs to validate them against expected technical parameters Identify, analyze, define, and coordinate user, customer, and stakeholder needs and translates them into hardware and software requirements. Identify technical risks and develop mitigation strategies. ESSENTIAL FUNCTIONS Perform data to day management of security tools and capabilities to include system updates, configuration updates and enhancements to existing and new secure tools and capabilities. Support and manage installing, configuring, monitoring, and troubleshooting network security solutions and related monitoring tools including L2/L3 network security devices, IDS/IPS, Full packet capture, DLP, Endpoint (AV, DLP, Endpoint Detection & Response), and infrastructure supporting log management based on industry best practices, and technical requirements. Design, configure and maintain native and integrated AWS security services including but not limited to CloudTrail, GuardDuty, SSM, Redlock Manage outsource providers in a MSSP relationship (Vendor Management) to include contract management, SLA management, event resolution, escalations, etc. Investigate and resolve security incidents. Plan and carry out projects for routine application or hardware upgrades. Implement automation for health and status monitoring of security tools. Collect measurements, analyze data and provide metrics to report on compliance, security posture and health of security tools. POSITION QUALIFICATIONS Experience defining, implementing and verifying technical security controls Working knowledge/experience in developing cloud security capabilities Strong understanding of and experience with Cloud Security tools such as SSM, GuardDuty, Redlock, etc. At least 5 years of use of end point solutions, firewalls, IDS/IPS and CISecurity baselines. Experience with Active Directory, Active Directory Federation Services (ADFS), SAML, web Single Sign-on (SSO), OAuth and related authentication technologies a plus. Knowledge of Transport Layer Security / SSL principles and management Strong communication skills Ability to work independently with minimal direction as part of a lean team Demonstrated teamwork and dependability. Global work experience & Multi-cultural knowledge a plus Fundamental belief that security is a business enablement function EDUCATION AND EXPERIENCE 5+ years of system security engineering required 2+ years of cloud security experience BS in Computer Science or a related field desired Security+, CASP, CISSP, or other IT Security certification desired We are an equal opportunity employer. All applicants will be considered for employment without attention to race, color, religion, sex, sexual orientation, gender identity, national origin, veteran or disability status.