Security Engineer III at . Crane Worldwide Logistics.

ESSENTIAL JOB FUNCTIONSSupport security team projects such as threat modeling vulnerability scanning and auditsConduct design reviews testing of new infrastructure and uplift the security posture for existing environmentsBuild capabilities for automated evidence gathering through integration with our GRC platformExecute risk and threat analyst activities demonstrating findings from external and internal cyber trends and incidentsPropose and implement creative solutions to protect data across multiple platforms including endpoint email network databases and cloud applicationsCollaborate with software engineers DevOps and infrastructure teams product owners and across security teams to understand how data is used what protections are needed and implement solutionsSupport incident and vulnerability response in collaboration with other products and security teamDrive security engineering projects to eliminate attack vectors harden the platform and enhance monitoring and intrusion detection systemsLead discussions assessments tracking and overall reporting of technology security risksManage the effectiveness of tooling rationalizing tools as needed and identifying tool requirements as necessaryCoordinate with team members to maintain software and operate solutionsEngage with teams to identify shared problems and develop automationDefine metrics and key performance indicators to determine the effectiveness of the Security automation programAssess APIs and application endpoints for security deficienciesLead cross-collaboration with other engineering and products teams and influence technical direction as well as provide guidance for complex infrastructure security engineering initiativesMentor team members while providing vision and setting technical direction for the team as a technical leadDemonstrate technical leadership to manage and provide multiple technical solutions perform code reviews establish and enforce coding guidelines and best practicesServe as an internal security consultant to teams looking to make IT investments; ensure systems are designed in accordance with and are aligned to Cranes security policies and standardsInfluence the continuous improvement of the security programProvide ongoing assessments of the evolution of incident response tools and capabilitiesPerform ongoing monitoring of production security toolsProvide assistance to more senior level staff as necessaryAssist in the documentation of the security programIAM - Solution research assessment deployment and on-going supportIoT - Solution research assessment deployment and on-going supportPhysical Access Security - Solution research assessment deployment and on-going supportEndpoint - Solution research assessment deployment and on-going supportVulnerability management - Review and triage of vulnerabilities discovered via scanning toolsPerform periodic penetration testing of networks web-apps wireless environmentsPerform advanced threat hunting on an on-going basisDLP with Data Classification - Solution research assessment deployment and on-going supportOther Skills & AbilitiesKnowledge of risk management frameworks and applying risk methodologiesUnderstanding of conducting risk and/or self-assessment activities to identify key risk areas in the businessExperience associated with 3rd party risk assessments and understanding security in-depth principles to measure riskKnowledge of security auditing proceduresUnderstanding of DevOps and CI/CD practices and toolsEnthusiasm for scalable reproducible security managementExperience working on applications deployed within Azure and/or AWS is desirableProficiency with data formats and query languages (KQL PowerShell XML REST APIs and JSON Regular Expression etc.)Experience working with advanced firewalls DNS filtering and log management systems is desirableExperience working with advanced email filtering is desirableExperience with security compliance monitoring tools including SIEM tools GRC platforms vulnerability scanning tools DLP (Data Loss Prevention) PAM (Privileged Access Management) and other infrastructure security toolsIndustry certification preferred in one of the following areas: (e.g. CISSP CISM CRISC MS-500 or CISA)Familiarity with standards such as ISO 27001/27002 or the NIST Cybersecurity Framework is desirableKnowledge of current data privacy laws (CCPA and GDPR)Excellent verbal and written communication skills and excellent time management abilitiesStrong customer orientation and excellent interpersonal and communication skillsEducation & Experience7 years of experience working with security frameworks and implementing cyber security controls across a heterogenous environmentExperience with public cloud architecture cloud strategy networking security and compliance workload typesExperience with traditional on-prem infrastructure management and auditingWHY SHOULD YOU WORK FOR CRANEAt Crane we believe in providing our employees with excellent benefits at a Great Place to Work.We offer:Quarterly Incentive Plan136 hours of Paid Time Off which equals 17 days for the year that can be used for Sick Time or for Personal UseExcellent Medical Dental and Vision benefitsTuition Reimbursement for education related to your jobEmployee Referral BonusesEmployee Recognition and Rewards ProgramPaid Volunteer Time to support a cause that is close to your heart and contributes to our communitiesEmployee DiscountsWellness Incentives that can go up to $100 per year for completing challenges in addition to a discount on contribution ratesCome join the leader in logistics and take your career in the right direction.Disclaimer:The above statements are intended to describe the general nature and level of work being performed by people assigned to this position. They are not to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time as needed.The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.We maintain a drug-free workplace and perform pre-employment substance abuse testing.This position requires the final candidate to successfully pass an E-Verify Check.More Information: benefits are contingent upon meeting eligibility requirements and plan conditions. Key Skills Splunk,IDS,Network security,Computer Networking,Identity & Access Management,PKI,PCI,NIST Standards,Security System Experience,Information Security,Encryption,Siem Employment Type : Full-Time Experience: years Vacancy: 1