Security Engineer

*
* Job Description:

**** About SEKO
** SEKO started out in business in 1976, operating out of a single Chicago office. Since then, we have built a solid reputation throughout the world as an innovative and flexible provider of first-class logistics services. We provide complete Supply Chain Solutions, specializing in transportation, logistics, forwarding and warehousing. We also lead the industry with innovative and customizable IT solutions, which provide a seamless flow of information and give our growing customer base true supply chain visibility.

With over 120 offices in 40 countries worldwide, our unique shareholder management model enables you to benefit from Global implementation experience and expertise across all industry sectors, coupled with vital in-country knowledge and service at the local level.
** KEY

ACCOUNTABILITIES INCLUDE**:

* Continuous improvement, implementation, management, and enhancement of managed security platform tools (both in-house and managed security services).
* Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
* Participate in assimilating recommendations from threat intelligence providers to Document security threats and assess the damage they cause.
* Review email security SaaS platform data, review cloud-based email system/data, review cloud data, and review end-point protection platform on daily basis for potential security incidents.
* Prioritize, resolve, and mitigate known and reported vulnerabilities to maintain a high-security standard. Work collaboratively with teams to assist them in resolving vulnerabilities
* Develop and implement company-wide best practices for IT security and risk mitigation.
* Develop global security awareness and training program.
* Implement, maintain, and monitor controls based on common security frameworks.
* Work with external parties to routinely test for internal and external vulnerabilities.
* Train IT staff on best practices and implementation requirements for a secure infrastructure and Dev Ops.
* Build security workflows for secure code deployment and validation of existing code.
* Research security enhancements and make recommendations to leadership.
* Stay up to date on information technology trends, services, technologies, compliance/regulations, and industry security standards.
* Develop a culture built around awareness and risk avoidance.
* Maintain patch management of servers, PCs, etc. and report for compliance reasons on routine basis.
* Participate in the development of a safe and healthy workplace. Comply with instructions given for their own safety and health and that of others, in adhering to safe work procedures. Co-operate with management in its fulfilment of its legislative obligations.
* Other duties as assigned by management.
** REQUIREMENTS**:
* Experience in translating penetration test results and security assessment recommendations into actionable plan and implementing those recommendations.
* Understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
* Ability to identify and mitigate network vulnerabilities and explain how to avoid them.
* Understanding of patch management with the ability to deploy patches in a timely manner while understanding business impact.
** EDUCATION & EXPERIENCE**:
** Minimum:
*** Bachelor's degree in computer science or related field.
* 5+ years’ experience in information security or equivalent experience managing various aspects of security such as identity management, firewalls, security awareness SaaS platforms, and working with managed security providers providing SIEM/firewall support.
** Preferred:
*** GCIH, Cloud Security certifications, MDR Certifications with vendors, any GIAC Certification
* Experience in deploying zero-trust network access products and supporting it
** SPECIALIST CERTIFICATIONS**:
* Any GIAC Certification above entry level
** REQUIREMENTS**:
* Experience in translating penetration test results and security assessment recommendations into actionable plan and implementing those recommendations.
* Understanding of firewalls, proxies, SIEM, antivirus, and IDPS…