Security Engineer

CHEP helps move more goods to more people, in more places than any other organization on earth via our 300 million pallets, crates and containers. We employ 11,000 people and operate in more than 55 countries. Through our pioneering and sustainable share-and-reuse business model, the world’s biggest brands trust us to help them transport their goods more efficiently, safely and with less environmental impact. 

What does that mean for you? You’ll join an international organization big enough to take you anywhere, and small enough to get you there sooner. You’ll help change how goods get to market and contribute to global sustainability. You’ll be empowered to bring your authentic self to work and be surrounded by diverse and driven professionals. And you can maximize your work-life balance and flexibility through our Hybrid Work Model.

Job Description

POSITION PURPOSE

This position reports to the Director, Cyber Security Operations and is responsible for ensuring that the tactical and strategic security measures for the company’s Network infrastructure meet the highest security standards. This individual will anchor the network security expertise across the team, in a shared support model.

The Cyber Security Engineer (Network) actively works with outside vendors, the Infrastructure Team and the Service Desk Team to provide Security tooling support to the corporation in an always on and always capable design. 

The role works alongside the other Security Engineers, to ensure appropriate design, selection, delivery and documentation of Cyber tooling and support processes, covering all Technology, but with a specific SME focus on the Networking technologies, both current and future.

This role is key in delivering to the Corporate-wide Cyber Security program.  This person will drive the improvement of the Cyber Security operation through correct use of improved technologies, automated telemetry ingestion and handling, with a focus on cost efficiency.

MAJOR / KEY ACCOUNTABILITIES

• Alongside other members of the Engineering team, this role owns the “Security Stack” of tooling and will ensure security tooling remains fit for purpose.

• Identify security risks and assist in developing remediation plans

• Primary point of contact for Network Cyber Security Incident response (Traffic analysis, packet-sniffing, etc.) in the Cyber Security Escalations team. 

• Provide leadership and support to Network infrastructure teams with respect to Network security.

• Understand and communicate any changes of Network technology jointly with cybersecurity and infrastructure teams.

• Configure and maintain integrations between tooling (e.g. tool X sending log events to a SIEM)

• Participate in Cyber Security related projects.

• Managing and responding to security-related requests related to (e.g.)

      • Endpoint Protection

      • Firewalls

      • Content Filtering

      • Spam Filtering

      • Virus Protection

      • Vulnerability Analysis

      • Other Security tooling

• Troubleshoot and resolve security related technical issues effectively and efficiently.

• Create accurate and well-documented solutions for security related issues.

• Perform security reviews of server / network / application and ensure compliance with security policies and best practices.

• Drive incident responses to resolution and mitigate risks in a timely and structured way.

• Work with appropriate personnel to create a practical, scalable, and secure model for enterprise applications, networks, and services.

• Work with technology groups to evaluate, select, install, and configure hardware/software systems to comply with established Cyber security standards and policies.

• Develop and document technical practices to comply with Cyber Security policies.

MEASURES

• Manage incident response within agreed SLAs

• Manage solutions within agreed SLAs and Performance targets

• Reduce incident rates to within operating targets

• Annual review and benchmarking to show improved maturity of Corporate Cyber security operations

• Expansion and adoption of features and capabilities within a platform

AUTHORITY / DECISION MAKING

• First level authorization for Cyber Security tooling indents

KEY CONTACTS

Internal:  Corporate Global Technology Services, Privacy & Legal teams, Internal Auditors

External:  Application Software vendors, External Auditors (e.g. PwC, EY)

QUALIFICATIONS

• Bachelor’s degree in Computer Science, Information Systems, Business or related field, Masters preferred or equivalent combination of education/experience.

• One or more certifications in: CISSP, CISA, CISM, CHFI, GISP, GCFA, GCED, GCIA or similar industry standard certifications

• SANS (GCFW, GCIH, GPEN, GCIA, GCFA) CISSP, CISA/M, CRISC or similar certification a plus

EXPERIENCE

• 2-4 years of experience in Cyber Security and 3-5 or more years of overall IT experience

• Strong experience of Networking technologies. Including the secure configuration, management and operations of global network environments.

• Experience designing and implementing network infrastructure

• Experience with the Linux and Windows Operating systems

• Working knowledge of application development and scripting

• Must possess a proficient understanding of network and Web related protocols (TCP/IP, UDP, IPSEC, HTTP, HTTPS, DNS)

• Experience with security tools (SIEM, IDS, firewalls, anti-virus, data loss prevention, etc.)

• Experience working with security governance frameworks (NIST, ISO27001, COBIT)

SKILLS AND KNOWLEDGE

• Should possess an understanding of e-mail filtering, URL filtering, anti-virus, IDS, vulnerability scanning, 2-factor authentication, access control systems, SIEM and VMware products.

• Strong Network configuration, management and operations understanding.

• Comfortable with Microsoft Active Directory, and VMWare virtual environments.

• Must be proficient in writing technical documentation,

• Ability to demonstrate successful implementation techniques based on industry established best practices.

• Outstanding verbal and written communications skills with all levels of management, staff, and vendors.

• Demonstrates accuracy and thoroughness. Looks for ways to improve and promote quality and monitors own work to ensure quality is met.

• Must be able to work independently, prioritize work activities and use time efficiently.

• Must be able to maintain confidentiality.

• Must be able to demonstrate and promote a positive team environment.

• Must be able to work well under pressure or stressful conditions and meet required project deadlines.

• Must possess the ability to manage conflict and/or direct change, delays, or unexpected events appropriately.

• Must be available to work outside of normal working hours or on-call as needed.

Preferred Education

Bachelors

Preferred Level of Work Experience

3 - 5 years

Remote Type

Hybrid Remote

We are an Equal Opportunity Employer, and we are committed to developing a diverse workforce in which everyone is treated fairly, with respect, and has the opportunity to contribute to business success while realizing his or her potential. This means harnessing the unique skills and experience that each individual brings and we do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, and basis of disability or any other federal, state, or local protected class.

Individuals fraudulently misrepresenting themselves as Brambles or CHEP representatives have scheduled interviews and offered fraudulent employment opportunities with the intent to commit identity theft or solicit money. Brambles and CHEP never conduct interviews via online chat or request money as a term of employment. If you have a question as to the legitimacy of an interview or job offer, please contact us at [email protected].