We are seeking a highly skilled and experienced Security Engineering to join our dynamic and growing team. As an Information Security Engineer, you will play a critical role in ensuring the confidentiality, integrity, and availability of our company’s critical information assets. Your primary responsibility will be to design, implement, and maintain security control that protects our systems and data from cyber threats.
· Typical office environment Mon-Fr during the hours of 8 A.M. to 5 P.M.
· The position may require occasional travel of for continuing education, training or support.
Duties and Responsibilities:
- Design and implement security solutions: Collaborate with cross-functional teams to design, deploy, and maintain security solutions. The security solutions include, but are not limited to, firewalls, IAM, SIEM tools, EDR, cloud security, Zero Trust, etc. Ensure security solutions align with industry best practice and compliance requirement.
- Lead and participate in security-related project, ensuring that project goals, timelines, and deliverables are achieved.
- Manage firewall ruleset to allow only business communications.
- Monitor, analyze, and respond to security incidents and events. Develop and enforce security policies, standards, procedures, and guidelines to enhance the overall security posture of the Company.
- Assist in the management of the Company’s Cybersecurity Incident Response Plan.
- Design, implement, and manage IAM solutions to ensure appropriate access controls and identity lifecycle management. Evaluate and enhance IAM processes to streamline access provisioning, deprovisioning, and authentication mechanisms.
- Continues improvement and tuning of security controls to stay ahead of emerging threats.
- Conduct regular risk assessments, vulnerability scans, and penetration tests to identify security weaknesses and recommend remediation strategies. Collaborate with IT and development teams to ensure timely patching and remediation of vulnerabilities.
- Create and maintain comprehensive security documentation, including policies, standards, procedures, guidelines, and technical diagrams. Ensure compliance with industry standards, regulations, and legal requirements.
- Experience in designing and handling security controls with cloud infrastructure (AWS, Azure, Google Cloud, etc.) and working familiarity with Docker/Kubernetes.
- Analyses information to identify security risks and effect relationships and correlations. Identifies critical elements and assesses consequences of different courses of action and proposes solutions.
- Demonstrate information security best practice knowledge based on industry frameworks to conduct risks analysis and develop remediation or mitigation steps to reduce risk.
- Analyst security risks and their impact to company systems and data. Present findings and make recommendations to improve the Company’s protection capabilities.
Required Skills and Abilities:
- Proven experience in implementing and managing security controls in enterprise environments.
- Strong project management skills, including the ability to lead and coordinate security-related projects from initiation to completion.
- In-depth knowledge of security principles, best practices, and frameworks (e.g., NIST Cybersecurity Framework, CIS Critical Security Controls, etc.).
- Familiarity with regulatory requirements such as PCI-DSS, SOC and industry-specific compliance standards.
- Excellent understanding of network protocols, operating systems, cloud computing, and security technologies.
- Strong analytical and problem-solving skills, with the ability to analyze complex security issues and provide effective solutions.
- Solid experience in creating and maintaining security policies, procedures, and guidelines.
- Excellent communication skills, both verbal and written, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders.
- Strong teamwork and collaboration skills, with the ability to work effectively in cross-functional teams.
Education and Experience:
- Bachelor's degree in Computer Science, Information Security, or a related field. Relevant certifications (e.g., CISSP, CISM, GIAC) are highly desirable.
- Five to ten years of information security experience
Physical Requirements:
Reasonable accommodations will be provided to enable individuals with disabilities to perform essential functions on a case-by-case basis.
- To perform this job successfully, the individual must be able to perform each essential duty satisfactorily.
- The physical demands described here are representative of those indicative of a typical corporate office. environment. This includes prolonged periods of sitting at a desk and working on a computer.
- Required to stand periodically; walk, hear, listen, talk, and visually see.
- Use hands to finger, handle, or feel; the ability to reach with hands and arm.
- The ability to lift up to 15 pounds at times.
Federal and State Disclaimer
ACN is an equal opportunity employer that is committed to diversity and inclusion in the workplace. We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws.
To perform this job successfully, an individual must be able to perform each essential function satisfactorily. The requirements listed are representative of the knowledge, skill and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. ACN observes the Workers Fairness Act in South Carolina, protecting employees and applicants for employment with medical needs arising from pregnancy, childbirth or medical conditions related to pregnancy or childbirth This job description is not intended to be all-inclusive. Employee may perform other related duties as negotiated to meet the ongoing needs of the organization.
We prohibit discrimination and harassment of any kind based on race, color, sex, religion, sexual orientation, national origin, disability, genetic information, pregnancy, or any other protected characteristic as outlined by federal, state, or local laws.