About

• Description
• COMPANY
• Parachute is a Managed IT Service Provider. We have a friendly and supportive work environment, with a hands-on leadership team. Our client base is comprised of a wide variety of businesses, professional service firms, and non-profit organizations located in San Francisco, the East Bay, along the Peninsula, the South Bay, and throughout the Sacramento Valley with many with national and international remote offices.??

• POSITION
• The Security Engineer is responsible for maintaining and supporting the security infrastructure for Parachute and its customers. The role is operational on a daily basis focusing on the implementation and support of the following platforms: SIEM, EDR, Network Security, Vulnerability Management, Firewall Rule Management. Additional responsibilities include process definition, documentation, overseeing incident resolution activities, managing, and executing assigned project tasks or small projects including major version upgrades, transitions of service for clients, productivity enhancements, and integration with Parachute infrastructure. This position reports to the IT Security Director and is remote in the United States.

• Essential Duties and Responsibilities
• Perform client risk assessments, analyze the gathered evidence, and support risk remediation activities, including the development and oversight of required corrective action plans
• Deploy, maintain and troubleshoot Vulnerability Scanners, SIEMs, and other security products for both Parachute and external clients
• Manage vulnerability scan schedules and remediation processes for both Parachute and external clients
• Maintain solid understanding of all technical implementation details necessary to assess security controls for both Parachute and external clients
• Oversee Security Awareness Training programs for both Parachute and external clients
• Identify, research, and evaluate vendors for security risk and present findings to relevant stakeholders
• Demonstrate familiarity with security principles and best practices, including a working knowledge of endpoint security, network security, and supply chain risk management
• Leverage both qualitative and quantitative risk analysis to inform and prioritize risk remediation decisions
• Troubleshoot, research the root cause of, and resolve security or risk issues
• Assist in maturing the overall security program and aligning it with required security frameworks
• Perform escalated incident response and resolve escalated security events
• Coordinate with client IT departments to maintain the solutions that Parachute deploys
• Recognize potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information
• Requirements
• Essential Technical Skills and Experience
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate information security and risk-related concepts to technical and non-technical internal and external stakeholders.??
• Sound knowledge of business management and a working knowledge of information security risk management and cybersecurity technologies.??
• Data privacy, compliance, security, and project management.
• Understanding of risks and internal controls and the ability to evaluate and figure out adequacy and efficiency of controls.

Work Experience/Education

• In-depth knowledge and expertise in one or more of the following platforms: SIEM, EDR, vulnerability management, firewall rule management.
• Must be able to provide guidance on architecture and design, data flows, data model, endpoint configuration, and troubleshooting.
• Knowledge of common scripting tools, PowerShell, Graph, Python, Bash.
• Strong, in-depth analytical and problem-solving skills.
• Good awareness and experience in a wide range of security tools.
• Good organizational and project management skills.
• Team player able to lead a small project team when required and also work independently
• Knowledge of information security risk management frameworks and compliance practices?
• Knowledge of securing network technologies, client, and server operating systems.?
• Ability to develop security standards and guidelines based on best practices and industry standards.?
• Ability to explain technical details to non-technical staff.?
• Excellent interpersonal, communication, and presentation skills, including formal report writing experience.?
• Strong desire to be a part of, and contribute to, a high-performing team.?
• Willingness to coach and be coached.??
• Strong sense of ethics.
• Experience with Qualys, Blackpoint, Huntress, and/or other major EDR and MDR tools a plus.
• Security Certifications such as CISSP strongly preferred.

Benefits

• Medical/Dental/Vision
• Life
• FSA
• 401k + company matching
• 15 PTO days
• 8 – 10 paid holidays per year
• Paid day off for your birthday
• Job Type: Full-time remote in the US