IT Security Engineer

American Signature, Inc. is looking for a Security Engineer to help in technical design, implementation, support, configuration, and administration of many different pieces of  security-related hardware and software that are in alignment with the overall enterprise security strategy and objectives.

 

This role focuses on ensuring the confidentiality, integrity, and availability of systems, networks, and data through the design, deployment, and monitoring of security technologies. The Security Engineer also plays a critical role in responding to security incidents, performing vulnerability assessments, and ensuring compliance with security policies and industry regulations

 

Why you’ll want to join our team:

• Join a historic, family-owned business that has helped furnish the lives of customers for nearly 80 years
• Comprehensive medical, dental, and vision benefits & 401K plan
• Our team members are encouraged to develop and move into more challenging roles as their career progresses.
• Employee discounts at our affiliate brands which include– Value City Furniture, American Signature Furniture, DSW, and American Eagle Outfitters

 

 

As the Security Engineer, you will:

Security Infrastructure Design & Implementation:

• Design, implement, and maintain security systems such as firewalls, intrusion detection/prevention systems (IDS/IPS), encryption technologies, and VPNs.
• Ensure the implementation of network and application security best practices in both on-premise and cloud environments (AWS, Azure, etc.).
• Develop and implement access control mechanisms, ensuring appropriate authentication and authorization processes across the network and systems.

 

Threat Detection & Monitoring:

• Monitor network traffic and system logs for signs of potential security incidents.
• Configure and maintain threat detection systems (IDS/IPS, firewalls, etc.) to identify and block malicious activity.
• Regularly perform audits of security logs to ensure compliance with internal security policies.

 

Incident Response & Investigation:

• Lead the investigation and remediation of security incidents, working to identify the cause and implement corrective actions.
• Respond to and analyze security breaches or vulnerabilities, coordinating with IT and other stakeholders to minimize impact and prevent future occurrences.
• Develop and maintain incident response plans and ensure rapid response to any detected security breaches.

 

Risk Assessment & Vulnerability Management:

• Conduct regular vulnerability assessments, penetration tests, and risk analysis to identify potential weaknesses in systems and networks.
• Collaborate with IT and development teams to patch vulnerabilities and apply necessary security updates.
• Maintain an up-to-date inventory of systems and applications, identifying and managing associated risks.
•  

Security Policies & Compliance:

• Develop, implement, and enforce security policies, procedures, and best practices to ensure the security of organizational systems and data.
• Ensure compliance with relevant regulations and standards (e.g., PCI-DSS, NIST).
• Perform regular security audits to verify compliance with internal and external security requirements.
•  

Collaboration & Training:

• Collaborate with other IT teams (e.g., network engineers, system administrators) to ensure comprehensive and integrated security solutions.
• Provide training and guidance to staff on security best practices, such as recognizing phishing attempts and maintaining strong password hygiene.
• Assist in developing secure software development lifecycles (SDLC) for internal applications and services.

 

Security Tools & Automation:

• Manage security tools such as endpoint detection and response platforms, firewalls, identity and access management, cloud security posture management, etc...
• Implement and configure automation scripts to streamline security processes and reduce manual intervention in threat detection and response.
•  

Continuous Improvement:

• Stay current with the latest trends, threats, and technologies.
• Evaluate and recommend new security technologies or approaches to strengthen the organization’s security posture.
• Participate in ongoing training and development to improve technical and professional expertise.

 

 

The ideal candidate will meet the following requirements:

• Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field (or equivalent experience).
• Relevant certifications (e.g., CISSP, CISM, CompTIA Security+, CEH, GIAC, etc.) are a plus.
• Strong understanding of network security protocols (e.g., TCP/IP, VPN, DNS, HTTP/S, SSL/TLS).
• Experience with vulnerability assessment tools (e.g., Nessus, Qualys).
• Knowledge of secure coding practices and application security (e.g., OWASP Top 10).
• Familiarity with cloud security practices for platforms like AWS, Azure, Google Cloud, etc.
• Experience with encryption technologies and protocols (e.g., AES, SSL/TLS, IPSec).
• Familiarity with Linux and Windows server administration.
• Strong analytical skills with the ability to investigate, diagnose, and respond to security incidents.
• Excellent communication skills to interact effectively with cross-functional teams and provide clear reports to leadership.
• Strong attention to detail and the ability to manage multiple tasks simultaneously.
• Ability to work independently and as part of a team in a dynamic environment.
•