SRS Distribution, Inc. is seeking an experienced hands-on Security Systems Engineer to be based out of our Corporate Headquarters in McKinney, Texas.The Security Systems Engineer is primarily responsible for all ongoing activities related to the availability, integrity and confidentiality of employee, and business information in compliance with SRS security policies and procedures, regulations and law.
We have had exponential growth in just 13 years and the ride isnt ending.Be ready to plan and work with the intention of doubling in size and beyond. This is a fast-paced environment and these are not just buzz words to us.
SRS believes in hiring military veterans at any level for any position.We know your service trained you in many of the areas that we value, such as; leadership, teamwork, performance, integrity, and safety. If your experience matches our requirements, we want you to apply today.
Position will be located at our beautiful, new, state of the art Corporate office:
7440 S. 121
McKinney, TX 75070
Required Education and Work Experience
Demonstrated and proven technical and operational management experience or equivalent experience. Ability to assess, analyze, and propose efficient and cost effective solutions to identified risks; Policy and procedure writing experience required. Strong interpersonal skills, strong organizational skills, a positive attitude, and customer service orientation.
Minimum of three (3) years in information security role, information security or IT operations with technical knowledge and hands-on experience in information technology areas such as: implementation/administration w/Information Security Tools Penetration Testing Information Security Incident Handling Information Security risk assessment, risk mitigation and incident response experience
CISSP or CISM certifications REQUIRED. Knowledge of relevant systems and tools such as: directory services, firewalls, user provisioning, identity and access management, auditing, encryption, SSO, forensics, SIEM, MDM
Duties and Responsibilities
Architects, designs, implements, maintains and operates information system security controls and countermeasures.
Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance.
Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends.
Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; performs risk and compliance self-assessments, and engages and coordinates third-party risk and compliance assessments.
Analyzes and develops information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information systems.
Develops and administers, or provides advice, evaluation, and oversight for, information security training and awareness programs.
Establishing, developing, and reviewing information security policies in association with appropriate individuals, committees, and departments to successful approval;
Defining technical and non-technical information security standards; i.e. PCI Compliance, procedures and guidelines in accord with compliance and regulatory requirements;
Collaborate with internal IT, Legal, and Administrative areas and committees as well as external functions such as Law Enforcement when appropriate;
Perform technical security control assessments, baseline validations to identify vulnerabilities, and control deficiencies as part of continuous monitoring program. Measuring, analyzing, and reporting on information security metrics and incidents;
Monitoring compliance with SRS security policies and procedures among employees, contractors, alliances and other third parties and taking corrective action when necessary;
Managing information security incident response, Supporting IAOs in the investigation and remediation of incidents or other policy violations;
Assisting with the development of disaster recovery and business continuity plans for information systems and testing readiness;
Monitoring advancements in information security technologies, changes in legislation, and accreditation standards that affect the organization;
Provide Subject Matter Expert (SME) support for development and review of security configuration standards for SRS systems, users, and environment including compliance requirements such as PCI/SOX and other supporting platforms/systems. Serving as an internal information security consultant to the organization;