Senior Security Engineer
About our Company:
Based in Denver, Colorado, Cologix is North America's leading network-neutral interconnection and hyperscale edge data center company. Our platform gives customers access to 40+ digital edge and ScalelogixSM hyperscale edge data centers in 11 markets across the United States and Canada along with a carrier-dense ecosystem of 700+ networks, 360+ cloud providers, 30+ onramps and six Internet exchanges. We provide our nearly 2,000 customers with direct access to our local operations teams, resulting in strong partnerships enabled by exceptional operational support and unparalleled customer service. Backed by one of the largest North American infrastructure funds, Cologix's experienced leadership team, certified staff and commitment to ESG initiatives help form a culture that values our people, our environment and our clients.
About the Position:
Install, document, troubleshoot, and maintain network security infrastructure and software. Configure security tools and applications to improve detection and response capabilities, track performance of controls, streamline internal processes, and make improvements to defensive controls.
What you do daily:
- Collaborative issue remediation on a broad set of IT related issues: Cybersecurity risks, regulatory compliance, data protection, user access, network controls, etc.
- Configure network security controls including firewalls, IDS/IPS, email gateways, WLAN, vulnerability scanners, and endpoint controls such as EDR and DLP.
- Respond to security events, validate findings, and remediate gaps identified by vulnerability scanning and penetration testing.
- Plan, design, implement and support security tools used for preventative controls, detection of events, and incident response efforts.
- Create and maintain system as-built documentation, security infrastructure topology, data flow diagrams, internal knowledgebase, and incident runbooks.
- Proactively manage updates and patching of security applications and device software/firmware and hardware.
- Participate in project planning and execution as information security SME and ensure adherence to internal policy and security best-practices.
- Participate in blue/purple team exercises, design and execute DR/BCP/IR tabletop exercises, update processes and documentation based on lessons learned.
What makes you a good fit: (Qualifications)
- A computer science related baccalaureate degree from an accredited college, or equivalent experience
- Minimum of 5 - 8 years’ experience in security in an enterprise environment.
- Experience with vulnerability scanning applications, log management and alerting platforms, and packet analyzers
- Experience with network segmentation and/or security zones for applicable data protection according to data classification.
- A team player with a willingness to establish a strong positive working relationship with all areas of the business.
- Willing to share knowledge with co-workers and to assist them in understanding technical and business topics.
- Willing to learn new tools and technologies as needed.
- Working knowledge of information systems security standards and practices (e.g., access control, system hardening, system auditing, log file monitoring, security policies, and incident handling).
- Experience with detection and response tools including Network Behavior Anomaly Detection, Data Loss Prevention, Email Gateway services, Sandboxing, DDoS Mitigation, WAF, Forward/Reverse Proxies, DNS Security, etc.
- Demonstrated experience of “hands-on” security knowledge of one or more of the following platforms: Windows, Apple IOS, Linux.
- Working knowledge of networking protocols, web technologies, and cloud computing.
- Ability to interpret information security data and processes to identify potential Indicators of Compromise (IoC).
- Ability to quickly understand complicated data flows in order to identify and validate security requirements.
- Ability to work effectively, independent of assistance or supervision.
- Ability to clearly communicate Information Security matters to executives, auditors, end-users, and engineers using appropriate language, examples, and tone.
- One or more of the following advanced professional security certifications: CISSP, CRISC, or CISM (or requisite experience to attain within 12 months).
- Palo Alto certifications are a Plus
Preferred experience:
- Hands-on experience implementing and supporting Palo Alto firewalls.
- Experience with wired and wireless network-based passive and active controls like IDS and IPS.
- Familiarity with ITILv2/v3 processes such as Service Support, Service Delivery, or Continual Service Improvement.
- Familiarity with Regulatory Compliance and industry standards and frameworks such as ISO27k, SSAE18 SOC 2, and PCI.
***Applicants must be authorized to work for any employer in the U.S. We are unable to sponsor or transfer sponsorship of an employment visa at this time, including CPT/OPT.***
Benefits:
We offer a competitive benefit package for full-time employees that includes:
- Medical, dental and vision insurance
- Flexible spending account options
- Non-accrued PTO
- Company paid holidays
- 401k Retirement Plan
- Short- and Long-Term Disability
Individual compensation will be commensurate with the candidate's experience. This position will also be eligible for an annual bonus.
Salary Range
$110,000 - $140,000 USD
NOTE: This job description is not intended to be all-inclusive. Employee may perform other related duties as assigned to meet the ongoing needs of the organization.
Cologix is proud to be an Equal Opportunity Employer. Qualified applicants are considered for employment without regard to age, race, color, religion, sex, national origin, sexual orientation, gender identity, disability, or veteran status. If you need assistance in applying for any of our open positions, please contact us at recruiting@cologix.com or call 720-940-2551.
The California Consumer Privacy Act (“CCPA”) creates privacy rights relating to the collection, sale, disclosure, and deletion of consumers’ personal information. The CCPA requires businesses to provide consumers, including job applicants and employees, with information about their rights, including a description of the categories of personal information to be collected and the purpose for which the information will be used. For additional information regarding your rights, including a description of the categories of personal information to be collected and the purpose for which the information will be used, please see https://cologix.com/privacy-policy/.
Cologix’ data centers are ISO 27001:2013 certified. ISO 27001:2013 certification and the Cologix portfolio of information security, information privacy and other industry recognized certifications represents our dedication to insuring the confidentiality, integrity and availability of company and customer information systems and assets. At Cologix, information security is everyone’s responsibility. Cologix employees are responsible for:
- Understanding and following Cologix' information security, cybersecurity and privacy policies, procedures and standards.
- Ensuring conformance to all information security, cybersecurity and privacy policies, procedures, and standards.
- Remaining vigilant and reporting any suspicious activity or possible vulnerabilities, weaknesses, threats, or breaches in Cologix information security to company information security and privacy officers.
- Actively participating in Cologix’ efforts to maintain and improve information security.
Apply for this job
*
indicates a required field