Senior Information Security Engineer

Provide advanced analysis, troubleshooting, and resolution of complex technical problems that impact the Information Security structure at data, application, service, operating system, and network levels. Secure company systems and applications, monitor and analyze threats, identify potential IT security incidents, identify potential weaknesses, assess risk, conduct enterprise vulnerability analysis and assessments, and develop and outline mitigation and remediation strategies. Use systems and network knowledge to integrate appropriate security functions into the operational environment. Coordinate the deployment of security technologies and processes using structured project management methodologies. Resolve customer escalations involving phishing, malware, and anomalous network or server behavior. Use technical and customer service skills to identify security problems, policy violations, and high-risk threats. Use independent judgment to resolve issues in a timely manner before escalation is needed. Maintain knowledge of the IT security industry including the awareness of new or revised security solutions, improved security processes, and the development of new attacks and threat vectors. Recommend additional security solutions or enhancements to existing security solutions to improve overall enterprise security on-premise and in the cloud. Maintain, modify, and enhance automated Information Security functional system tests and evaluations, risk assessments, software and hardware evaluations, access control, and other related systems. Execute risk assessments and risk management planning related to the information security features of on-premise and cloud-based systems, networks, and related administrative activities. Provide leadership in the coordination and maintenance of disaster recovery, contingency planning, and testing that will mitigate against system and information losses and assure a successful recovery of the systems and information.
Provide leadership in the identification and analysis of information security business practice irregularities and information security inactions and violations. Conduct detailed inquiries, assess potential damage, monitor corrective action, and recommend cost-effective preventative measures to preclude recurrences. Perform the deployment, integration, and initial configuration of all new security solutions and of any enhancements to existing solutions in accordance with standard best operating procedures and the enterprise's security documents. Maintain and administer on-premise and cloud-based security tools that protect corporate data and network environments. Monitor security architecture for capacity and forecast for future system growth and capability. Provide technical security leadership when investigating security incidents. Provide 3rd level support for security questions and issues while supporting other security engineers. Architect and design security solutions with minimal oversight. Monitor, configure, and upgrade the necessary controls and procedures to cost-effectively protect information systems assets from intentional or inadvertent modification, disclosure, or destruction. Monitor systems and security tools for security alerts and escalate as needed. Perform other duties as assigned.
Minimum Requirements: Bachelor's degree in Computer Science, Information Technology, or a related technical field required. At least one of the following Information Security certifications required: CISSP, CISA, CISM, CEH, CCSP, or Security+. Five years of experience required working in an IT security role, including any experience with: administrating and implementing security tools; maintaining endpoint security for Windows and Linux systems; securing complex multilayer networks; performing IT monitoring; cyber threat identification and response; vulnerability analysis and mitigation; and providing front line Security Operations Center (SOC) detection and response services. Two years of cloud security experience required managing and maintaining SaaS security tools and AWS cloud security (i.e., Macie, CloudWatch, GuardDuty, WAF, SecurityHub) and performing AWS log reviews, updates, patches, and documentation. Any experience required with: compliance-related issues to PCI DSS and PII data security; security frameworks (i.e., MITRE, NIST, CSF); deploying and maintaining cloud proxies, Cloud Access Security Broker (CASB), Data Loss Prevention (DLP), and Cloud Security Posture Management technologies (CSPM); platform/application-specific technology (i.e., intrusion detection, firewalls, host-hardening, vulnerability management, encryption, patch management, shell/web scripting); ISO 27001, ITIL, and other controls applicable to network security monitoring/analysis, event escalation, cyber threat analysis, and vulnerability analysis; and with authentication technologies and processes (i.e., VPN, SSL, SSH, PKI). May work remotely from any Velera-approved U.S. location. Must have legal authority to work in the U.S. EEOE.
How to Apply: Email resumes to: Please reference KG05 + job title in subject line.
Location:
St. Petersburg
