YRCW, a nationwide Less Than Truckload (LTL) company that serves the US, Canada and Mexico, needs a lead technical expert for engineering, enhancing and supporting our enterprise-wide security solutions and processes. This role has responsibility for monitoring systems and networks, identifying threats and responding to security incidents. You will be responsible for implementing, enhancing and optimizing the use of security tools and controls to meet security and policy requirements. The Security Engineer II works with IT and business leadership to maintain processes and standards.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Process and Support (50%):
Manage and monitor all installed Network systems and infrastructure
Monitor and test server architectures, identify possible solutions, and work with customers to implement those fixes
Evaluates and responds appropriately to customer issues and requests. Handles highly complex issues with moderate assistance. Escalates when necessary to appropriate team or individual to resolve.
Works complex incidents, performs troubleshooting, and administers repairs. Drives team to meet team SLAs
Technology Innovation, Requirements Gathering, Design and Implementation (25%):
Install, configure, test and maintain Network infrastructure systems, application software and system management tools
Assists with maintaining and enhancing accurate documentation steps for installation, maintenance and configuration activities
Seeks opportunity to automate, simplify and consolidate Network Infrastructure platforms and processes
Write and maintain custom scripts to increase system efficiency and lower the human intervention time on any tasks
Actively participates in and assists with vendor contract negotiations for areas of technology expertise
Stays abreast of industry trends and best practices. Proactively identifies opportunities to leverage technology, improve processes, and enhance vendor relations to reduce costs and increase customer satisfaction. Works with management team to develop strategic direction for team.
Security Advisory & Audit Services (10%)
Intermediate knowledge and understanding of information technology concepts and principles, as a means of relating business needs to security solutions.
Understanding of project management, and input to providing tasks, milestones and time estimation within project plans
Helps to define security configuration and operations standards for security systems and applications.
Implements baseline security configurations for operating systems, applications, and networking and telecommunications equipment.
Peer Leadership (10%):
Actively coaches level one engineers, providing feedback as necessary
Is an SME for key areas of expertise and drive key projects or ongoing operational functions
Assists with strategy/roadmap, and identifies and recommends new technology solutions to meet business needs.
Adaptability - Maintaining effectiveness when experiencing major changes in work responsibilities or environment (e.g., people, processes, structure, or culture); adjusting effectively to change by exploring the benefits, trying new approaches, and collaborating with others to make the change successful.
Building Trusting Relationships - Using appropriate interpersonal styles to establish effective relationships with customers and internal partners; interacting with others in a way that promotes openness and trust and gives them confidence in one’s intentions.
Collaborating - Working cooperatively with others to help a team or work group achieve its goals.
Communication - Conveying information and ideas clearly and concisely to individuals or groups in an engaging manner that help them understand and retain the message; listening actively to others.
Continuous Learning - Actively identifying new areas for learning; regularly creating and taking advantage of learning opportunities; using newly gained knowledge and skill on the job and learning through their application.
Initiating Action - Taking prompt action to accomplish work goals; taking action to achieve results beyond what is required; being proactive.
Work Standards - Setting high standards of performance for self and others; assuming responsibility and accountability for successfully completing assignments or tasks; self-imposing standards of excellence rather than having standards imposed.
Minimum of three (3) years' IT or network security experience.
Bachelor's degree in information systems or equivalent work experience.
Security+, CISSP, CEH, CPT or equivalent certification preferred.
Knowledge and hands on experience working with leading firewall, network scanning and intrusion detection/prevention products and authentication technologies.
Experience with penetration and vulnerability testing techniques and fixtures
Knowledge and experience with encryption methods, IPsec, PKI, remote access services (VPN) and proxy services preferred
Technical knowledge of mainstream operating systems and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools.
Knowledge of the fundamentals of project management, and experience with creating and managing project plans.
Experience in developing, documenting and maintaining security policies, processes, procedures and standards.
Design, configure, deploy, and maintain Web Application Firewall (WAF) and load balancer solutions (i.e. F5).
Provide expert guidance and oversight in assessing customers’ infrastructure, network and security systems design to identify risks, threats and vulnerabilities.
Proficient in network protocols such as TCP/IP, HTTP/HTTPS, SSH, SSL, BGP, DNS, SNMP, and VRRP
Proficient in analyzing and interpreting network packet captures
Experience with application security and how to successfully partner across security, network and application teams to improve overall security posture
Knowledge and hands on experience implementing and working with WAF and OWASP strategies. Direct experience with F5 Web Application Firewall protection products
Experience creating proactive monitoring and defense strategies, tuning rules, alerts and blocking configurations to improve security posture without impacting legitimate business traffic usage. Direct experience identifying, analyzing and responding to a variety of attack methods
Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
Ability to interact with personnel at all levels and across all business units and organizations, and to understand business imperatives.
Strong leadership abilities, with the ability to guide team members and to work with minimal supervision.
Strong written and verbal communication skills.
A strong customer/client focus, with the ability to manage expectations appropriately, to provide a superior customer/client experience and build long-term relationships.
This job operates in a professional office environment indoors. Routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets, and fax machines.
The position requires the ability to spend long hours sitting or standing while using office equipment and computers. Ability to perform repetitive tasks such as typing and keying. Continually speaking and hearing, giving and receiving directions. Occasional lifting, pushing/pulling, carrying 50 lbs of supplies and materials is required.
YRC Worldwide is an Equal Opportunity/Affirmative Action Employer
Minorities/Females/Persons with Disabilities/Protected Veterans