[Remote] Senior Security Engineer
Note: The job is a remote job and is open to candidates in the USA.

ARC-One Solutions is focused on delivering reliable and secure infrastructure for product development. As a Senior Security Engineer, you will protect digital assets through the management and optimization of security technologies and collaborate with various teams to enhance security posture.

Responsibilities
- Deliver reliable, secure, and compliant infrastructure that enables rapid and safe product development
- Strong security posture integrated into all Cloud and DevOps workflows
- Clear processes, documentation, and governance supporting regulatory audits with confidence
- Deploy and manage EDR solutions across enterprise endpoints including workstations, servers, and mobile devices
- Administer SIEM platform including log source onboarding, parsing, and correlation rule development
- Create dashboards and reports for security metrics, compliance, and executive visibility
- Serve as escalation point for security incidents following established procedures
- Develop and maintain incident response playbooks for common attack scenarios
- Participate in tabletop exercises and conduct post-incident reviews to improve security posture
- Establish and maintain a continuous vulnerability management program
- Monitor threat intelligence sources for emerging threats, exploit activity, and vulnerabilities affecting the organization
- Integrate vulnerability data with SIEM and EDR for enhanced threat correlation
- Stay current with emerging threats, attack techniques, and security technologies
- Investigate and respond to reported phishing emails and business email compromise (BEC) attempts
- Create and tune DLP policies to prevent unauthorized data exfiltration while minimizing false positives
- Collaborate with business units to understand data flows and implement appropriate DLP controls
- Conduct training sessions on security best practices
- Stay up to date on the latest IT trends and technologies

Skills
- Bachelor's or Master's degree in Computer Science, Information Security, Cybersecurity, or related fields. Equivalent work experience may be considered in lieu of a degree
- 5+ years of progressive experience in Cyber Security Engineering
- Experience conducting incident response investigations and forensic analysis
- Have a track record of managing security incidents from detection through resolution
- Experience securing AWS or Azure environments, including container orchestration (Kubernetes)
- Understand security frameworks (NIST CSF, CIS Controls, ISO 27001, MITRE ATT&CK)
- Knowledgeable about compliance requirements (PCI DSS, HIPAA, SOX, GDPR) as applicable
- Experience operating in highly regulated environments, ideally medical devices (ISO 13485, IEC 62304) or similarly regulated fields
- Strong understanding of secure software development practices and Cloud security
- Strong incident response, reliability engineering, and operational excellence mindset
- Scripting skills for automation of administrative and security processes
- Comfortable with virtualization and containerization technologies
- Understanding of software development life cycle (SDLC) and Agile methodologies
- Experience working in a SaaS-based product development organization or FDA-regulated medical device environment desired
- Microsoft, Cloud, and Security certifications are a plus

Benefits
- Flexible work hours in a fun collaborative environment.
- Working remotely requires a reliable internet connection.
- Must have the ability to travel, as needed for company meetings.

Company Overview
ARC-One Solutions is an IT company that specializes in software development, IT consulting, and quality management services. It was founded in 2020 and is headquartered in Miramar Beach, Florida, USA, with a workforce of 51-200 employees. Its website is https://arc-one.com/.