Reports to: Chief Information Officer
Location: Remote USA, excluding Colorado
The Security Engineer is responsible for security monitoring and investigating security events. This role is also focused on building out automation to support all current security operational needs, along with preventing and mitigating future security risk.
- Troubleshoot security and network problems
- Oversee the process to gather, analyze, and assess the current and future threat landscape with the SOC by providing a realistic overview of risks and threats in the enterprise environment
- Design, coordinate, and oversee IT security testing procedures to verify the security of systems, networks and applications; Coordinate any remediation of identified risks with the SOC and IT domains
- Ensure SOC adherence to existing IT security policies/procedures to ensure operating efficiency and compliance; Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and follow policies and audit requirements
- Provide IT security communication, awareness and training for fellow employees and users, which may range from senior business leaders to regional staff
- Act as the main point of contact for all critical IT security-related incidents or security breaches with the SOC
- Conduct regular infrastructure audits, vulnerability assessments, penetrations tests
- Stay informed of emerging solutions to help mitigate security vulnerabilities
- This role can be completed from any anywhere in the United States, except for Colorado
- 2+ years of professional experience in cyber/IT security functions in roles related to: system admin, developer, pen tester, infrastructure engineer
- Extensive experience in securing cloud infrastructures in AWS
- Knowledge of vulnerability assessment, scanning and pen testing tools
- Knowledge of IDS/IPS, HIDS/HIPS, FIM, SIEM, Web Application Firewalls
- Experience with software application best practices (e.g. OWASP, CWE/SANS)
Candidates will be considered in totality of their skills and experience versus strict interpretation of “requirements.”
- Significant experience, certifications and understanding of Amazon Web Services including VPC, IAM, EC2, CloudTrail, GuardDuty, Cloud Config, FlowLogs
- Experience with firewalls and endpoint security
- Experience with Git, TravisCI, Docker, Kubernetes
- Experience using and auditing a variety of tools, applications and languages such as Ubuntu, PHP, Terraform, Packer, PHP, Python, Java, NodeJs
- Experience with pen testing and reporting of vulnerabilities
- Experience with common scripting languages or server-side programming (Python, Bash, PHP)
- Familiar with DevOps and using an Agile methodology to further Security programs and meet critical deadlines
Digital Media Solutions® (DMS) is a leading provider of technology-enabled digital performance advertising solutions connecting consumers and advertisers.
DMS is a growing company that provides team members with opportunities to learn new technologies and enhance their skills. In addition to competitive salaries, reliable work schedules, access to technology, an energetic and connected work culture and an impressive suite of employee health and wellness benefits, DMS also offers employees the chance to further acquire industry knowledge and network with colleagues.
The culture at DMS is built on a foundation of collaboration, support and inclusion. DMS believes in the power of teamwork. DMS is more than just an award-winning company, we are a team that supports one another, challenges each other and celebrates together.