As part of the Security Team, this individual is responsible for supporting and contributing to security efforts focused on TraceLink’s corporate environment, both on-premise and in the cloud. This includes the design, implementation, operation, management, and monitoring of our security solutions designed to identify threats, protect the organization, and respond accordingly. Key focus areas are securing corporate assets, threat and vulnerability management, incident management and response, and supporting business needs with new ventures. This role will also help champion Security's message across the company by leading security awareness initiatives.

Responsibilities:

• Understand attacker methodology and associated controls/defenses
• Assist with configuration, operation, and maintenance of security tooling
• Support security awareness program content development, training, testing, and metrics
• Support analysis and reporting needs, testing controls, and gathering evidence
• Support incident triaging and response for security events; partner with other teams as needed to resolve
• Maintain detailed documentation of enterprise security solutions, technical security standards, controls documentation, and configuration management
• Provide enterprise security guidance around security issues and recommend solutions to mitigate and eliminate risk to TraceLink information assets
• Identify opportunities for improvement; research and recommend approaches

Requirements:

• 2+ years of relevant experience operating and maintaining security tooling such as vulnerability management, EDR, EPM/PAM, DLP, SIEM, etc.
• Understanding security concepts and applying tooling for securing, monitoring, auditing, and testing on-premise and cloud infrastructure
• Knowledge of system security vulnerability classes and remediation techniques
• Knowledge and experience with securing Windows, macOS, and Linux environments
• Experience with open source tools for security management, monitoring, and analytics
• Experience with threat modeling or other risk identification techniques
• Analytical, reasoning, and problem-solving skills
• Excellent verbal and written communication skills
• Success with relationship building and working cross-functionally

Preferred:

• Experience deploying in Public Cloud Services (AWS preferred)
• Experience with scripting for automating repetitive tasks and supporting integrations
• Experience with Infrastructure as Code (IaC)
• Experience with security awareness training and testing
• CCSP, CISSP, CISA, CEH, SANS Security, or other industry and vendor-specific security certifications
• Bachelor's degree in Computer Science, Information Systems Security, or related field, or equivalent experience