Senior Enterprise Security Engineer
TraceLink has built the world's largest cloud-based network dedicated to protecting patients, ensuring compliance and growing profits across global life sciences. The TraceLink Life Sciences Cloud is our network, platform and community that links people, processes and information everywhere from ingredient to patient.
Businesses across the globe, including 16 of the top-20 pharmaceutical companies, trust us to help them manufacture and deliver safe, secure medicines to the patients who need them anywhere in the world. We need game changers ready to break down business barriers, master new technologies and become trusted advisors for some of the largest and fasting growing companies on the planet. How will you challenge yourself? Learn more about TraceLink.
The Senior Security Engineer is responsible for the advanced technical planning, development, implementation, and operational management of the company's network and security infrastructure to ensure a reliable, responsive, and secure environment. This includes the design, implementation, management, and monitoring of the security infrastructure and processes as well as leading efforts around vulnerability management, incident and event management, and working with various technologies to secure dynamic and growing environments. Application of security technologies, ISO, NIST, and HIPPA-based security controls and industry best practices in a GxP environment.
This role will primarily focus on the TraceLink corporate environment but as needed provide support initiatives related to the Life Sciences Cloud environment.
Major Duties / Responsibilities
Strategic / Consultative
- Provide network security expertise and guidance around security issues and recommend solutions to mitigate and eliminate risk to TraceLink information assets
- Contribute to the development and enhancement of policies, standards, procedures, guidelines, and controls
- Align initiatives with ISO 27001 and other industry standards
- Review security capabilities and proactively work to identify and implement new capabilities
- Evaluate and recommend new and emerging security products and technologies
- Enhance threat intelligence and assess applicability of reports
- Perform internal security audits including vulnerability scans and password auditing; assess, prioritize, and respond to findings
- Collaborate with IT to manage existing security controls
- Create, modify, test, and implement approved changes
- Review logs, correlate events, and investigate anomalous activity
- Implement/enhance reporting to ensure comprehensive visibility of issues
- Respond to incidents; partner with other teams as needed to resolve
- Drive improvements to design and operational effectiveness of security controls
- Maintain current standard operating procedures, controls documentation, and configuration management
- Maintain detailed documentation of network security solutions and technical security standards
- Review and execute support, change, and policy tickets
Skills and Requirements:
- Bachelor's degree in Computer Science, Information Systems Security, Business Administration or related field
- Minimum 6-8+ year's relevant experience with a proven record of success
- A minimum of 6 years of experience securing Windows systems
Expert knowledge with security concepts and technologies including:
- VPNs, IPSEC, SSL/TLS
- Network security monitoring & traffic analysis
- Network admission controls
- Data Loss Prevention
- Two-factor authentication standards and technologies
- Federated authentication standards and technologies
- Experience with open source tools for security management, monitoring, and analytics
- Excellent analytical, reasoning, and problem solving skills with good knowledge of tools and techniques for anticipating, recognizing, and resolving technical problems
- Experience with network architecture methodologies, standards, and tools
- Experience with the application of threat modeling or other risk identification techniques
- Excellent verbal and written communication skills, including executive-level presentations
- Detailed knowledge of system security vulnerabilities and remediation techniques
- CISSP, CISA, CEH, SANS Security, or other industry and vendor-specific security certifications
- Experience securing Linux (CentOS/RHEL) systems
TraceLink offers their employees a comprehensive, best-in-class benefits package. The package includes, medical insurance (HMO and PPO), dental and vision coverage, life insurance, AD&D, short-term and long-term disability. Employees are also eligible for a bonus plan. Employees in the Sales department are offered a competitive commission structure. In addition, all employees are offered stock options at the time of hire.
- On-site Gym (Free)
- Fully stocked kitchens
- Free Catered Lunch and Dinner, every day
- Thirsty Thursdays (Beer and Wine Socials)
TraceLink is headquartered in North Reading, MA just off I-93 Exit 39 (Concord St).
The duties listed in this job description are intended only as illustrations of the various types of work that may be performed. The omission of specific statements of duties does not exclude them from the position if the work is similar, related, or a logical assignment to the position.