Security Engineer, Senior
TraceLink’s software solutions and Opus Platform help the pharmaceutical industry digitize their supply chain and enable greater compliance, visibility, and decision making. It reduces disruption to the supply of medicines to patients who need them, anywhere in the world.
Founded in 2009 with the simple mission of protecting patients, today Tracelink has 8 offices, over 800 employees and more than 1300 customers in over 60 countries around the world. Our expanding product suite continues to protect patients and now also enhances multi-enterprise collaboration through innovative new applications such as MINT.
Tracelink is recognized as an industry leader by Gartner and IDC, and for having a great company culture by Comparably.
As part of the Security Team, this individual is responsible for supporting and contributing to security efforts focused on TraceLink’s corporate environment, both on-premise and in the cloud. This includes the design, implementation, operation, management, and monitoring of our security solutions designed to identify threats, protect the organization, and respond accordingly. Key focus areas are securing corporate assets, threat and vulnerability management, incident management and response, and supporting business needs with new ventures. This role will also help champion Security's message across the company by leading security awareness initiatives.
- Understand attacker methodology and associated controls/defenses
- Assist with configuration, operation, and maintenance of security tooling
- Support security awareness program content development, training, testing, and metrics
- Support analysis and reporting needs, testing controls, and gathering evidence
- Support incident triaging and response for security events; partner with other teams as needed to resolve
- Maintain detailed documentation of enterprise security solutions, technical security standards, controls documentation, and configuration management
- Provide enterprise security guidance around security issues and recommend solutions to mitigate and eliminate risk to TraceLink information assets
- Identify opportunities for improvement; research and recommend approaches
- 2+ years of relevant experience operating and maintaining security tooling such as vulnerability management, EDR, EPM/PAM, DLP, SIEM, etc.
- Understanding security concepts and applying tooling for securing, monitoring, auditing, and testing on-premise and cloud infrastructure
- Knowledge of system security vulnerability classes and remediation techniques
- Knowledge and experience with securing Windows, macOS, and Linux environments
- Experience with open source tools for security management, monitoring, and analytics
- Experience with threat modeling or other risk identification techniques
- Analytical, reasoning, and problem-solving skills
- Excellent verbal and written communication skills
- Success with relationship building and working cross-functionally
- Experience deploying in Public Cloud Services (AWS preferred)
- Experience with scripting for automating repetitive tasks and supporting integrations
- Experience with Infrastructure as Code (IaC)
- Experience with security awareness training and testing
- CCSP, CISSP, CISA, CEH, SANS Security, or other industry and vendor-specific security certifications
- Bachelor's degree in Computer Science, Information Systems Security, or related field, or equivalent experience