POSITION SUMMARY:

The Product Security Engineer (PSE) will provide security guidance to members of the Service, Proactive and Health, Product Management, and other departments to assist in the successful delivery of security products to JMARK's clients, consistent response to security incidents, and to reduce client and JMARK risk.

The PSE will provide an escalation point for questions regarding security alerts, incidents, or products for the Service Department. This role will also assist with installation and configuration guidance for new and existing products, assist with evaluating new security products, provide recommendations for proposed tuning or configuration changes in security products, and assist with developing, updating, and training on incident management processes.

The PSE will identify, develop, and manage security initiatives that can improve security, reduce risk, and reduce incidents internally or for clients. This role will also participate as a Security SME in initiatives for other departments.

The PSE will act as an incident manager for client and internal incidents. For client incidents, this role will work with Service Department leadership to provide guidance on all aspects of incident response, including client communications, and insurance and forensic activities.

Duties and Responsibilities:

• A thorough understanding of JMARK's security products.
• Provide a high level of customer service and support to all employees according to JMARK's core values.
• Champion and strengthen security culture by encouraging all employees to remain committed to security controls and initiatives.
• Empathetically collect and consider end user feedback on controls and initiatives to increase user adoption and positivity.
• As a Security SME, assist other departments with the evaluation of new products, development of installation and configuration guidance for new and existing products, and recommendations for proposed tuning or configuration changes in security products.
• Provide incident response for client and internal security incidents and provide post-event analysis.
• Track, monitor, and report on key security initiatives, milestones, deliverables, resources, remediation items, and/or findings through completion.
• Work with the team to ensure that security team initiatives, milestones, and goals are accomplished.
• Research and monitor emerging threat and vulnerability information, and initiate appropriate response procedures.
• Perform periodic maintenance/updates to information security tools and applications.
• Perform primary or secondary admin functions for security and network infrastructure systems as requested by supervisor.

Competencies:

To perform the position successfully, an individual should demonstrate the following competencies:

• JMARK Core Values
• Communication Skills
• Customer Service
• Job Knowledge
• Time Management
• Technical Credibility
• Technology Management

Skills and Qualifications:

It is impossible to list all of the skills and qualifications that an individual will need to efficiently perform in this position. Listed are general skills and qualifications that individuals should have or should be striving to achieve in order to be qualified for this position.

Requirements:

• Knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, and incident management
• Proficient in Incident Management and response
• Proficient in security best practices and analysis
• Experience in secure network topology design
• Experience in threat management
• Excellent communication and leadership skills
• Experience with vendor management

Licenses & Registrations:

• Valid driver's license
• Proof of vehicle insurance
• Reliable and suitable transportation that can be used as required to perform duties if needed.

Experience:

• Experience focused on Networks and Security with experience in working with teams
• BS Degree in IT Networking and/or Security or relevant work experience
• Experience as part of a Microsoft Partner organization
• Experience working for a managed services organization
• Certification in one of the following preferred: Security+, CISSP, GCIH, GSEC