Security Engineer Jobs

On behalf of our client, Affinity is seeking a Security Engineer will contribute to developing security requirements and designing and implementing security solutions. You will be joining a Cyber Security Team that is the source of expert cyber security advice, guidance, security operations, technical services and support that defends the organization against all cyber security threats. You will collaborate closely with business partners in an Agile-hybrid environment, enabling the effective and efficient delivery of secure, quality products.

This role has been identified as one that may work mainly remotely . We ask you to join us in the office occasionally for critical or urgent business needs, essential team meetings, and team-building events. Specific questions about remote work will be discussed during the recruitment process.

The position can be based in either Vancouver or Victoria, with occasional travel between the two cities. This role is targeting a Level 2 or Level 3 candidate.

• Level 2: Responsible for cyber security and risk analysis and operations and contributes to projects with a low-to-mid level of complexity and stakeholder engagement, typically acquired through 5+ years of experience. Works independently and has a professional level of competency within the role.
• Level 3: Responsible for cyber security risk analysis and operations and leads projects with a mid-to-high level of complexity and stakeholder engagement, typically acquired through 8+ years of experience. Works independently, provides guidance and training to others, and has an advanced level of competency within the role.

QUALIFICATIONS:

The following qualifications illustrate a standard Level 2 and may be scaled up in scope and depth of expertise or experience based on the level selected.

• Professional certifications such as Global Information Assurance Certification (GIAC), Certified Information Systems Security Professional (CISSP), Offensive Security Certified Professional (OSCP), Certified Information Security Manager (CISM) or equivalent experience is essential
• Must be able to implement programs and integrate security technologies and solutions to measure and sustain the security posture of large, complex environments
• Experience with securing cloud environments
• Expert knowledge in engineering secure systems
• Bachelor’s degree in Engineering, Computer Science, or a related technology field
• Experience with Agile methods (Scrum) and DevOps practices
• Must have excellent documentation, customer service, listening, communication and problem-solving skills

TECHNICAL SKILLS REQUIREMENTS:

Applicants should be able to explain on their resume the technologies with which they have non-technical and technical expertise.

• Systems engineering
• Data Classification and DLP solutions
• Conditional controls
• Security governance
• SOAR and security integrations
• Windows and Linux operating systems security, virtualization technology security, container security and serverless computing security, hardening systems against CIS Benchmarks
• Identity and access management systems for hybrid environments
• Secure application design principles
• Security project delivery
• Various networking technologies, including subnetting, NAC, DNS, encryption technologies and standards, VPNs, VLANs, VoIP and other network routing methods
• EDR and other endpoint protection technologies
• Cloud Native Application Protection Platform (CNAPP) systems and Cloud Security Posture Management (CSPM) systems
• Secure coding and secure infrastructure as code
• Zero Trust architecture, Zero Trust Network Access systems, Zero Trust application publishing
• Enterprise vulnerability management, including vulnerability assessment, remediation, and reporting
• Threat modelling
• Phishing and social engineering experience
• CIS Critical Controls
• Firewall, intrusion protection and intrusion detection systems
• User and entity behaviour analytics (UEBA) systems
• Red or Purple Team experience
• Privileged access management systems experience for hybrid environments
• Microsoft Azure security engineering and best practices
• Incident response

PRIMARY RESPONSIBILITIES:

The following responsibilities illustrate a standard Level 2, which may be scaled down or up in leadership, complexity, and autonomy based on the selected level

• Ability to document designs as well as produce technical reports in support of security initiatives
• Performs security monitoring of solutions and serves as a subject matter expert during security incident response events
• Ability to solve security problems in a technology project’s lifecycle
• Performs other related duties as required
• Undertakes special projects or assignments as required
• Helping others solve problems and perform root cause analysis
• Proactively identifies problems and raises solutions
• Performs validation and tuning of security testing tools to provide accurate and actionable results that drive improvements to overall security posture
• Integrates security systems together and designs conditional access systems
• Security awareness, security training, security orientations
• Consultation, system hardening consultation
• Writing security directives: Documenting security requirements
• Ability to communicate complex security issues and develop security user stories in the language that non-technical stakeholders can understand

TOP SKILLS NECESSARY

• Senior level Cyber Security experience - A minimum of 5 years of experience in progressively senior technical roles with responsibility focused on information security processes, products, and projects
• Wide breadth of info. Sec experience – Have 1 year of experience in any facet of Security Operations (Incident response, security investigations, security alerting, security reporting, security support), Vulnerability Management (identify, remediate, and mitigate vulnerabilities), Administration of security infrastructure (cloud networks, remote access, endpoint detection and response, identity and access management, multi-factor authentication, security logging and vulnerability scanning) and Security Audit (Product security reviews, secure design consultation, threat modelling, security design reviews, Privacy Impact Assessments, network design reviews, application security)

Affinity Earn:

Know someone who’s great for this, or any of our open roles? Earn up to $4,000/year for each successful referral through Affinity Earn. You can also earn up to $50,000 for helping us find new clients. Learn about our referral program at https://affinity-group.ca/earn/ or browse our jobs & follow us at https://www.linkedin.com/company/affinity-staffing/jobs/

About Affinity:

Affinity Group is a full-service Information Technology services and staffing company. We believe recruiting is about creating long term relationships that foster a mutually beneficial partnership - an affinity. Bringing a new style of recruiting founded on five core principles: Transparency – Flexibility – Efficiency – Agility – Inclusivity.

We teamed up with ClimatePartner on 2022 to offset our emissions and move toward being a more environmentally friendly company and we are proud to now be officially Carbon Neutral Certified.

For more information on Affinity, please visit www.affinity-group.ca

Job Number: 8520