Position Purpose and Impact

• Aspira’s Security Engineer works in service to protect our software systems and data from potential threats. As a Security Engineer, you will play a crucial role in ensuring the security and integrity of our software products, as well as implementing and maintaining robust security measures across our organization.

Responsibilities

• Develop and implement security policies, procedures, and best practices to protect software systems and data assets.

• Conduct regular security assessments and audits to identify vulnerabilities and weaknesses in our software applications and infrastructure.

• Design and deploy security solutions, including firewalls, intrusion detection systems, encryption protocols, and access controls.

• Monitor and analyze security events and incidents and respond promptly to mitigate risks and minimize impact.

• Collaborate with cross-functional teams, including developers, system administrators, and IT support staff, to integrate security controls into the software development lifecycle.

• Stay abreast of emerging threats and security technologies and recommend proactive measures to enhance our security posture.

• Provide security training and awareness programs to educate employees on cybersecurity best practices and protocols.

• Participate in incident response and forensic investigations as needed and assist in the resolution of security-related issues.

• Maintain documentation of security configurations, policies, and procedures, and ensure compliance with industry regulations and standards.

• Continuously evaluate and improve security processes and controls to adapt to evolving threats and business requirement.

• Performs position in a way self-actions represent and create an engaged employee environment where all employees are treated fairly, with dignity and respect, and dialogue prioritizes transparency, efficiency, and the ability for all staff to act with their best behaviors and skills each day.

• Supports the Information Technology and Security department by observing a flexible schedule, and leading and participating in relevant projects, priorities, and other duties as assigned.

Desired Qualifications

• Proven experience working as a Security Engineer or in a similar role, with a focus on securing software systems and networks.

• Strong knowledge of cybersecurity principles, protocols, and technologies, including network security, encryption, authentication, and intrusion detection/prevention.

• Hands-on experience with security tools and technologies, such as firewalls, SIEM systems, vulnerability scanners, and penetration testing tools.

• Excellent analytical and problem-solving skills, with the ability to assess complex security issues and recommend effective solutions.

• Strong communication and interpersonal skills, with the ability to collaborate effectively with cross-functional teams and communicate technical concepts to non-technical stakeholders.

Desired Education and Experience

• Bachelor’s degree in Computer Science, Information Security, or related field; or equivalent work experience.

• 5 – 7 years’ experience as a Security Engineer in a software company within a small team for a national or global remote workforce.

• Minimum of 3-5 years of relevant experience in cyber security or information security.

• Previous experience managing industry standards and regulations, such as ISO 27001, NIST, GDPR, and PCI DSS.

• Experience working in medium to large-sized teams within financial institutions, payment processors, or fintech companies.

• Familiarity with regulatory frameworks such as PCI DSS, GDPR, or relevant financial regulations.

• Experience operating within the financial industry, particularly in sectors handling credit card transactions.

• Demonstrated experience in vulnerability assessment and management, preferably in credit card processing applications.

• Relevant certifications (e.g., CISSP, CISM, CEH) are a plus.

• Experience working with compliance frameworks such as PCI DSS.

Desired Hardware and Software Competency

• Proficiency in vulnerability scanning tools such as CheckMarx, Qualys, or Rapid7

• Familiarity with penetration testing tools like Nmap, Kali Linux.

• Experience with security information and event management (SIEM) systems such as Log Rhythm.

• Knowledge of scripting languages like Python, PowerShell, or Bash for automation and scripting tasks.

• Understanding of web application security scanners.

• Competence in database management systems (DBMS) and SQL for assessing database security.

• Microsoft Suites Intermediate Level: professional usage of suites in an office setting

• Microsoft Excel Advanced Level: proficient with v-lookups, bar/line chart comprehension, and basic formulas, advanced functions, macros, and is efficient with utilizing excel for data analysis and data automation.

General Physical Demands

• The below physical demands are representative of those required to successfully perform the essential functions of this job.

• Visual Acuity: Close visual acuity to read and analyze data on a computer monitor.

• Hearing Ability: Must be able to communicate effectively in person, over the phone, and through electronic media.

• Manual Dexterity: Operation of a phone, keyboard, mouse, and general office equipment.

• Repetitive Motion: Regular and consistent use of hands and fingers for typing, writing, and other computer-related tasks.

• Lifting and Carrying: Occasional lifting and carrying of office supplies and materials weighing up to 10 pounds.

• Sedentary Work and Body Position: The majority of work is performed while stationary or sitting at a desk or computer workstation. Prolonged periods of sitting and working on a computer are required. The ability to maintain the required body positions for extended periods, including sitting and using a computer is required. The ability to move within an office setting as well as departing and returning to a workstation punctually for assigned breaks periods is required.