About The Heritage Group

The Heritage Group is a fourth-generation, family-owned business focused on construction and materials, environmental services and specialty chemicals. Over the last 90+ years, the Heritage portfolio has grown to include more than 50 companies that employ more than 6,000 people. What unites this diverse group of businesses and individuals is our commitment to create a safer, more enriching, and sustainable world by harnessing the power of family.

The IT Security Engineer is responsible for maintaining security operations and assisting ITSS with security-related projects, designed to protect the company's sensitive data and assets. Responsibilities include safeguarding system perimeters, enhancing security measures for both cloud-based and on-premises infrastructures, managing network security devices and associated security tools, and responding to security incidents. The IT Security Engineer is responsible for assisting with the design, implementation, and evaluation of security solutions, while also overseeing the performance of current systems. The role is a member of the IT shared services team that supports a portfolio of privately held companies.

*This position is remote, with occasional travel to the Indianapolis, IN area. Qualified candidates must currently reside in the Eastern or Central time zones.*

Essential Functions

• Design, execute, and oversee security measures to safeguard computer systems, networks, and data.
• Identify security vulnerabilities, promote system security best practices, and collaborate with teams for mitigation implementation.
• Security awareness training and phishing simulation campaigns.
• Contribute to the design of the system security architecture.
• Assist with preparing and documenting standard operating procedures and protocols.
• Audit compliance with company security standards and work with team(s) to remedy noncompliance
• Configure, optimize, and troubleshoot security infrastructure devices.
• Utilize current system security tools to provide security remediation recommendations and guidance to business units and ITSS teams.
• Research and review new technical solutions and security tools to help mitigate security vulnerabilities and automate repeatable tasks.
• Detect, investigate, and respond to security incidents with rapid communication to stakeholders.
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement.
• Be an essential part of executing all tasks or projects as put forth in the IT security strategic plan.
• Conduct vulnerability assessments and security testing on systems, networks, and applications to identify weaknesses.
• Effectively communicate security risks to both technical and non-technical colleagues, highlighting potential impacts and required actions.
• Stay updated with the latest trends in cybersecurity threats, and mitigation techniques.

• Additional duties and responsibilities as assigned, including but not limited to continuously growing in alignment with the Company’s core values, competencies, and skills.
• 
  
  
  

Education Qualifications

• Required Bachelor's Degree degree in Computer Science or related field or equivalent work experience

Experience Qualifications

• Required minimum of 3-5 years of proven work experience as an IT Security Engineer or similar role
• Required experience in building and maintaining security systems. Experience with Microsoft security solutions including Sentinel, Azure Information Protection, Defender for Cloud Apps, etc. is highly preferred.
• Required detailed technical knowledge of database and operating system security.
• Required hands-on experience in security systems, including firewalls, intrusion detection and prevention systems, anti-virus software, authentication systems, log management, content filtering, etc. (Sophos, Palo Alto, Azure SSO, and LogScale preferred).
• Required experience with network technologies and with system, security, and network monitoring tools (Cisco, Aruba, and Netskope preferred).
• Thorough understanding of the latest security principles, techniques, and protocols.
• Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols.

Skills and Abilities

• Very high-level of self-awareness and desire to develop leadership capabilities.
• Ability to hold themselves and others accountable to high standards.
• Experience identifying and resolving issues independently. Demonstrates a solid sense of accountability and sound personal judgement.
• Proven analytical skills with information systems and security systems.
• Courage to take initiative in unfamiliar or ambiguous circumstances.
• Ability to gain alignment with different clients and represent a common point of view across multiple stakeholders. Must be confident building business partnerships with various business stakeholders.
• Excellent verbal and written communication
• Problem solving skills and the ability to work under pressure.
• Maintains a high level of confidentiality.

Licenses and Certifications

• Certified Information Systems Security Professional (CISSP) - Global Knowledge or equivalent certifications Required
• Microsoft Azure certifications Preferred

Working Conditions/Physical Demands

• Ability to travel locally and across business sites as needed.
• Office and remote environments, up to 8 hours working behind a computer.
• Ability to participate in on-call rotation.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.

#TheHeritageGroup