Job Description

As a rapidly growing global provider of IT solutions, we’ve expanded from Seattle to Sydney and beyond – with reach in over 80 countries around the world. Today’s top brands count on Zones and our world-class partners – Microsoft, Apple, Cisco, Dell, Lenovo, and more – to transform their enterprises. To support this transformation, Zones offers products and services across four Solution Environments: Workplace Modernization, Network Optimization, Data Center Transformation, and Security Fortification.

At Zones, work is more than a job – it's an exciting career immersed in an inventive, collaborative culture. If you’re interested in working on the cutting edge of IT innovation, sales, engineering, operations, administration, and more, Zones is the place for you!

Position Overview

A Security Engineer It is a critical part of the Security Operations Center team tasked with the role of protecting the networks and computer systems of the company from any security threats or attacks. This includes provisioning, deployment, configuration, and administration of many different pieces of network and security-related hardware and software such as firewalls, routers, switches, various network monitoring tools, and VPNs (virtual private networks).  A Security Engineer I also regularly performs network-based security risk assessments, and occasionally helps design new infrastructure solutions as the company expands or replaces its system architecture. A Security Engineer IT must also be able to collaborate and communicate well with other departments to ensure that other employees are educated on best practices to keep information secure.

Zones is a diverse technology company with over $2 billion USD in revenue and clients ranging from mid-market companies to Fortune 500 enterprises. Our business model is complex, and we are rapidly evolving from a product sales company to an IT solutions and services company. This requires us to transform how we interact with our customers, what steps we take to empower our team members, and how we optimize our internal operations and our interactions with vendors and partners.

Key Responsibilities

The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

The Security Engineer’s is primary responsibility is to:

•       Identify security issues and risks, and develop mitigation plans

•       Implement, support, and evaluate security-focused tools and services

•       Ensure content data is appropriately secured with appropriate digital rights management strategies.

•       Participate in security incident handling and remediation.

•       Monitor cybersecurity events using tools such as the ones listed in the Required and Preferred Experience section and escalate to the appropriate individuals and groups.

•       Conduct review of Risk Management and Information Security policies, procedures, standards and guidelines.

•       Review security systems by specifying intrusion detection methodologies and equipment.

•       Direct equipment and software installation and calibration.

•       Setup and maintenance of cybersecurity tools.

We are seeking candidates with the following experience and skills;

Who You Are

You have a unique blend of business and technical savvy in the digital world who always considers how to maintain the CIA triad (confidentiality, integrity, availability) with respect to the assets being protected. You possess out-of-the-box thinking to logically resolve complex problems and pay close attention to detail. You not only have 'hands-on' skills but are also able to advise on the design of security policies which should work to protect the company and be robust enough to cope with the changing threat landscape.

Required Experience:

•       5+ years of experience in Information Technology.

•       2+ years of experience in Information Security.

•       Knowledge of information risk and security policies, standards and regulations related to information security, data confidentiality (PCI-DSS, etc.) and desktop, server, application, database and network security principles.

•       Current knowledge of threats and cybersecurity trends.

•       Knowledge of Security Frameworks (ISO 27002).

•       Knowledge of SecOps, GPO Audit and ESAE.

•       Strong knowledge of common operating systems (Windows, Linux, Solaris and Unix).

•       Must be able to perform hands-on support for a wide range of security technologies (SIEM, IDS/IPS, malware analysis and protection, identity and access management, data loss prevention, content filtering technologies, vulnerability scanners, etc.).

•       Knowledge of network and web related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols).

Preferred Experience:

•       Microsoft Azure Advanced Threat Protection - ATP

•       Microsoft Windows Defender Threat Protection - MDATP

•       Microsoft Cloud Access Security - MCAS

•       Microsoft O365 Security – OCAS

•       Microsoft LAPS

•       PowerShell:  HAWK, ADSA

•       Cisco ISE

•       CyberArk - Privileged Account Management

•       SIEM tools

•       Privileged Account Workstations - PAWs

Education:

• Bachelor's degree in computer science or a related field, or equivalent experience.
• Prefer those with a professional security certification such as GIAC, CISSP, CISM.

Required Skills