The Security Engineering Manager is responsible for the design, implementation, and maintenance automation around security controls and processes across all security domains. The position will focus on improving operational efficiencies and reliability of the existing security solutions while continuing to evaluate and acquire new technologies, and timely divest outdated solutions. The Security Engineering Manager will ensure the assigned services such as Cloud, network, systems, middleware, endpoint, and other security services are effectively deployed, maintained, and optimally configured to mitigate threats against the company and apply IT expertise to Information Security and lead our transformation into an Agile & DevSecOps focused organization.
Although the location of the position is in Newton, NJ or Jessup, MD, from time to time it may be required to undertake duties at other Thorlabs locations.
Essential Job Functions include the following, but are not limited to:
- Maintain sufficiently close contact with IT Infrastructure and Operations team, ongoing projects and tasks to maximize on-time and on-spec delivery of security solutions
- Ensure work complies with Problem Management, Change Management, and Disaster Recovery procedures
- Lead the development and implementation of automated preventative, detective, and remediation security measures to protect against emerging threats and vulnerabilities
- Develop and engineer security processes to integrate security seamlessly into IT infrastructure deployment workflows and with pipelines and tools
- Partner closely with Security Operations Center (SOC) teams around detection, alert and Security Orchestration Automation and Response (SOAR)
- Partner with Governance, Risk, and Compliance (GRC) team on vulnerability management processes integration, including identification, prioritization, and remediation of security vulnerabilities flow
- Partner with GRC team to coordinate and automate elements of testing, security assessments, and threat modeling activities to identify and address security risks proactively
- Implement effective change management processes to ensure that security controls are maintained and updated in response to changing threats and business requirements
- Collaborate with customers and partners to address security requirements and concerns, providing guidance and assurance
In addition to the essential functions and duties listed above, all positions are also responsible for:
- Meeting company standards pertaining to quantity and quality of work performed on an ongoing basis, performing all work related tasks in a manner that is in compliance with all Company policies and procedures
- Adhering to Company policies, procedures, and directives regarding standards of workplace behavior in completing job duties and assignments
The Company retains the right to change or assign other duties to this position.
Physical Activities:
This is largely a sedentary role; however, it may require the ability to lift, bend or stand as necessary. The employee may occasionally lift or move objects up to 25 pounds.
Requirements
Qualifications
Experience:
- Minimum 10 years of experience in Enterprise IT.
- Minimum 4 years of management experience in an IT environment characterized by multiple processing platforms and 24/7 operational support, data center security operations, and software development.
- Minimum 4 years of technical engineering experience in two or more of the specific Security Engineering disciplines: Security information and event management (SIEM), Network Security Tools (Firewalls, IDS/IPS, NAC), Application Security Tools (Web Application Firewall, Pen Testing), Endpoint Detection and Response (EDR), and Cloud Security Systems and Tools.
- Experienced in Linux and Windows operating systems, and enterprise network equipment. Bonus: experience with Microsoft Sentinel, and Microsoft Defender products.
- Experience with compliance and regulatory requirements, including GDPR, HIPAA, CCPA, and regulatory frameworks (PCI, NIST, CIS, ISO).
Education:
- Bachelor's degree in computer science, Engineering, related field, or equivalent work experience.
Specialized Knowledge and Skills:
- Experience with Amazon Web Services, Microsoft Azure, or Google Cloud Platform. Experience with VMWare a plus
- Strong knowledge in system hardening baselines, security assessments, and vulnerability management.
- Proficient in scripting and object-oriented languages such as PowerShell and Python.
- Understanding of cyber-attack stages, attacks methods, and exploitation; and the measures to minimize those risks.
- Experience in basic forensic event handling, and incident response.
- CISSP, CISM, or other relevant certifications preferred.
- Excellent communication and collaboration skills, with the ability to effectively engage and influence stakeholders at all levels.
- Strong analytical and problem-solving skills, with the ability to anticipate and mitigate security risks effectively
Thorlabs values its diverse environment and is proud to be an Equal Employment Opportunity/Affirmative Action Employer. All qualified individuals will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status. Job descriptions are not intended as and do not create employment contracts. The organization maintains its status as an at-will employer. Employees can be terminated for any reason not prohibited by law.
Benefits
Thorlabs offers a complete benefits package that includes medical, dental and vision insurance, company paid life insurance, a generous PTO package, a 401(k) plan, and tuition reimbursement just to name a few..