Information Security Engineer

First Quality was founded in 1989 and has grown to be a global privately held company with over 4,000 employees. Its corporate offices are located in Great Neck, New York, with manufacturing facilities and offices in Pennsylvania, South Carolina, Georgia, and Canada. First Quality is a diversified family of companies manufacturing consumer products ranging from Absorbent Hygiene (adult incontinence, feminine care, and baby care), Tissue (bath and towel), and Industrial (print and packaging materials), serving institutional and retail markets throughout the world. First Quality focuses on private label and branded product lines.

We are seeking an Information Security Engineer for our First Quality Enterprise working remotely from the Eastern Time Zone. This position provides leadership and in-depth expertise in all security aspects surrounding the implementation and operation of Information Technology solutions to improve the ability of the organization to protect the confidentiality, availability, and integrity of its information assets.

Primary responsibilities include:

• Provide technical engineering security expertise for company-wide projects, implementing security standards and baselines, and researching advancements in all security technologies that would benefit secure business growth.
• Lead vulnerability management program working closely with the patching team to limit the vulnerability attack surface
• Be or become the lead SME for various security tools including CASB, the Vulnerability Scanning Suite, EPP, etc to maintain and improve the functionality of our security tools.
• Investigate, recommend, and assist with implementing security solutions that provide detection, prevention, containment, and deterrence mechanisms to protect and maintain the integrity of data and network resources.
• Define security product requirements, conduct research, evaluation, testing, configuration, and implementation, to include identify management, access control, and intrusion prevention solutions.
• Ensure guiding procedures for incident response are in place, effective and up to date, to include periodic computer incident response team (CIRT) activation to validate response procedures.
• Use process management tools to track information about security systems administration requests and security events.
• Track, generate and provide effective reporting for use by system administrators, business leadership and end-users; recommends and implements an effective event correlation solution that analyses the output from these and other security tools in a cost-effective manner.
• Author security system and application processes for both operation and management, including as-build service configuration documents.

The ideal candidate should possess the following:

• Minimum 2 years of experience running security solutions on network/security engineering/security operations.
• Knowledge of IT security controls - firewalls, SIEM platforms, NAC, CASB, DLP, IPS/IDS, encryption, authentication, tokenization, XDR/EDR tools and desktop virtualization security.
• Working knowledge of the following technologies: Microsoft OS for Workstations/Servers , UNIX, firewall multi-layer design and implementation,, WANs, LANs, internet, intranets and network protocols (i.e., VPN, TLS, SSH, SFTP, TCP/IP, etc.), security assessment tools, vulnerability scanners, intrusion prevention systems, VMware, VDI, encryption, public key infrastructure (PKI).
• Experience with cloud security solutions
• Experience working with Palo Alto Firewalls Suite (certification highly preferred).
• Broad knowledge of network security practices, designs, methodologies, tools, and processes.
• Comprehensive knowledge of network architectures, equipment, and designs.
• Knowledge of vulnerability scanners and how to successfully implement and maintain an enterprise patching program.
• Security risk assessment skills.
• Working knowledge of information security-related technologies and products
• Bachelors’ Degree or Equivalent Experience in Computer Science, EE, Data Network Security Architecture and Design.
• Proven abilities to analyze security risks, provide remediation recommendations and create comprehensive security documentation.