Information Security Engineer

Red Nucleus is hiring an Information Security Engineer to join our Global IT Team! 

Our purpose is advancing knowledge to improve lives. We succeed by being the premier provider of strategic solutions for learning and development, R&D, Medical Affairs, Market Access, and Commercial partners in the life sciences industry. Our global team is composed of over 900 full-time employees whose commitment to creativity, quality, and on-time delivery is unrivaled in our space.

At Red Nucleus, we believe in providing a rich working environment that pushes us to innovate in ways that engages our employees to be their best selves. Our culture is about meaningful work, a true sense of community, and fun. We love to celebrate our people and we are proud to have been Internationally recognized as a “Great Place to Work".

How you Will Contribute

As an IS Engineer, you will assist in Security Governance projects and day to day operations of the security program. This role will be responsible for vulnerability management, incident detection and response, access reviews and assisting in audit activities. 

Primary Responsibilities:

• Manage Identity and Endpoint related security detections and incidents generated via Egnyte, CrowdStrike and Sprinto.
• Work closely with IT to ensure security of infrastructure and accounts.
• Assist in developing and enhancing Governance, Risk, and Compliance (GRC) processes and tools.
• Assist with the completion of client security questionnaires, ensuring clear and accurate responses.
• Assist in incident response efforts, including forensic analysis and mitigation strategies.
• Lead in the remediation of findings from external penetration testing.
• Assist in the administration of Red Nucleus’ cloud file management platform, Egnyte.
• Point of contact for Red Nucleus’ managed security services provider (Artic Wolf Networks, CrowdStrike) for responding to alerts, incident remediation, root cause analysis.
• Document technical solutions and develop how to’s to assist IT Services with troubleshooting and technical understanding
• Participates and sometimes leads projects within IT and for the greater organization.
• Must be generally available to assist with critical issues and respond to support questions, something after business hours.
• Review industry cybersecurity frameworks and enhance relevant controls.
• Assist in ongoing security training and education efforts for employees across the organization.
• Review security awareness user activity for noncompliance and report findings to management.
• Help to support and enforce security requirements.
• Help to identify and implement security related improvements.

About You

Education:      

• Bachelor's degree in IT, or equivalent years of training and experience required
• Industry certifications such as CISSP, CISA, CISM helpful.

Experience:

• Information Security Technologies – Knowledge of technologies and technology-based solutions/service and how they relate to data protection and audit compliance.
• Risk Remediation - Experience interpreting real time vulnerability data and leading remediation planning and execution
• Cloud architecture and services – Strong understanding of SaaS, IaaS and technology utilized by major cloud service providers.
• IT Architecture – Knowledge of and ability to design and improve organizational IT structures and roadmaps in order to better support business operations and efficiently achieve organizational objectives.
• Systems Administrations – Some experience building and troubleshooting IT systems running on Windows OS.
• IT Industry and technology currency – Understanding of emerging technology around Cyber Security, Data Protection, cloud, service management
• IT Standards, Procedures & Policies – Knowledge of and the ability to author documents and procedures relating to data protection, disaster recovery, cyber security.
• IT Systems Management – Knowledge of and ability to utilize a variety of technical tools and techniques to guarantee data protection and recovery.
  • Experience with Egnyte cloud file platform helpful
  • Experience working with manages security services, i.e., Arctic Wolf Networks
• Experience working in the life sciences industry or heavily regulated environments desirable- knowledge of computer system validation (CSV) helpful

Technical Skills

• Experience with some of the following technology:
  • Intune
  • Directory Services (e.g. AD, LDAP)
  • Enterprise and end point backup solutions
  • CrowdStrike
  • Managed security services
• Knowledge of risk management and vulnerability assessment processes.
• Understanding of security frameworks (e.g., NIST, ISO 27001).
• Experience with SIEM, security automation tools, or cloud security platforms.
• Experience working with cloud-based file management systems
  • Egnyte experience is an advantage
• Change management systems

Soft Skills:

• Excellent written and verbal communication skills
• Strong sense of ownership
• Ability to work both independently and as part of a team
• Strong analytical skills
• Strong organizational skills
• Initiative, drive and enthusiasm
• Good planning and organizational skills
• Ability to multi-task, prioritize, adapt to changing environment

Physical Requirements:         

• Sitting at a desk for 6-8 hours a day
• Working on a computer for 6-8 hours a day.
• Typical office environment
• Must be able to pass pre-employment screening that includes background and drug testing.
• May be required to work long and unpredictable hours.
• The ability to travel as needed

What You Will Enjoy at Red Nucleus

• Competitive pay, incentives, retirement, and income security programs
• Comprehensive benefits and wellness programs focused on healthy lifestyles
• Generous paid time off, employee assistance programs and flexible work arrangements
• Performance-driven environment including professional development and transfer opportunities
• People-first culture fostering self-expression, diversity, and a growth mindset
• Celebrations! We love to celebrate service anniversaries, holidays, diversity and inclusion events, project milestones and anything else meaningful to our employees
• Support of community organizations you are passionate about
• Ongoing programs and events designed to bring our global team together

Diversity, equity and inclusion are valued at Red Nucleus and we believe we have a shared responsibility to provide equal opportunity and foster an inclusive spirit.  We do not discriminate on the basis of race, color, national origin, religion, caste, sexual orientation, gender, age, marital status, veteran status, or disability status.

To learn more about working at Red Nucleus, please visit Careers | Red Nucleus.

#LI-TE1