Senior Enterprise Security Engineer

About Your Role: 

Dotdash Meredith is looking for a Senior Enterprise Security Engineer with a demonstrated track record of innovative thinking, technical expertise, and execution. You’ll be responsible for maintaining (and raising) the security posture across our on prem infrastructure, and end user SaaS applications and endpoints, designing and implementing enterprise security solutions, and reducing toil through automation. 

As a highly visible professional within the Security team, you will be responsible for helping to set technical direction for enterprise security, managing technical projects, and partner with other groups within the organization to deliver tools and services that align with our security roadmaps. 

This position offers remote work flexibility; however, if you reside within a commutable distance to one of our main offices in New York, Des Moines, Birmingham, Los Angeles, Chicago, or Seattle, the expectation is to work from the office three times per month.

What You’ll Do: 

Security Engineering 

 ● Harden systems for cyber resilience including Operating Systems, and Network Devices and SaaS platforms 

 ● Architect and design log management systems to collect security events across multiple log sources 

● Perform orchestration and automated response (SOAR) 

● Oversee vulnerability remediation   

 Architecture And Design 

 ● Provide technical leadership and oversight to security architecture activities and initiatives

● Define security architecture roadmaps and/or strategy 

● Determine security requirements and security controls 

● Provide design and oversight into identity and access management (IAM) 

● Perform threat modeling and reporting 

Data Loss Prevention 

 ● Provide technical leadership and oversight to data loss prevention activities and initiatives

● Develop and implement strategies for Data Loss Prevention and architect and design DLP solutions and technologies 

● Perform risk assessments to identify gaps in DLP coverage  

Identity And Access Management (IAM) 

● Architect and design IAM solutions and technologies including Single Sign On (SSO), Multi-factor authentication, Password-less authentication 

● Evaluate and inspect current IAM access permissions to verify their ongoing necessity

● Conduct risk-based analysis of users and groups across the enterprise and cloud infrastructure 

Compliance 

 ● Oversee adherence to internal policies or standards 

● Understanding various compliance standards 

● Interpret standards, requirements and their application to the enterprise environment

● Provide leadership, guidance and subject matter expertise to compliance and audit teams

● Recommend, document and monitor the implementation of any prescribed corrective actions resulting from risk assessments 

About You: 

● 5+ years of experience in Security with 3+ years of experience as a Security Engineer with a focus on securing end user SaaS applications, user endpoints, and associated infrastructure.

● Experience with hardening infrastructure including network devices, and operating systems.

● Experience deploying and customizing security tools. 

● Fluent in one or more modern coding languages (Python, Go, JavaScript, etc.).

● Experience with one or more infrastructure as code tools (Terraform, Ansible, etc.).

● Experience with one of the major cloud providers (AWS, Azure, GCP) and Kubernetes.

● Experience with one or more authentication technologies (Okta, Keycloak). 

Preferred Skills:

 ● Passion for enterprise security and continuous learning. 

● Able to concisely communicate security risks to both technical and business audiences.

● Attention to detail. 

● Ability to work independently, and as part of a team. 

● Ability to multitask and prioritize work effectively.