Senior Cyber Security Engineer, Operations

Who We Are: 

Endeavor is seeking a Senior Security Engineer to lead the selection, design, implementation, and operation of security solutions for our technology environment. Reporting to the SVP of Cybersecurity, this role will integrate security controls into business processes to ensure data security, compliance, integrity, and availability. You will drive the effective development and adoption of solutions, supporting cybersecurity engineering efforts to mitigate risks across our global organization.

The Endeavor Cybersecurity team is committed to identifying, evaluating, and mitigating threats, vulnerabilities, and risks within our business processes, technology supply chain, and behaviors. Our focus is to protect Endeavor’s business operations while fostering top-line growth across our lines of business, alongside our technology, compliance, and legal teams.

You are a seasoned cybersecurity and risk management professional with a solid understanding of enterprise engineering and supporting principles. You are a subject matter expert with experience working with both technical and non-technical business leaders, adopting a client-services approach. You have a consultant mindset, collaborating with partners across various functions and seniorities to embed yourself within the business units. You can recognize unique threats and efficiency opportunities across diverse business models, revenue streams, and data sources within our complex corporate structure.

RESPONSIBILITIES

• Design and Implement Security Solutions: Engineer and support the full lifecycle of security solutions within Endeavor’s networks (both on-premise and in the cloud).

• Consult on Operational Efficiency: Advise management on operational improvements to enhance security capabilities and reduce delivery costs.

• Create Robust Security Controls: Develop and maintain security controls for agile deployments, including both traditional infrastructure and continuous deployment methods in a high-capacity, multi-tiered infrastructure.

• Develop Security Frameworks: Build a library of architectural patterns to optimize time-to-solution for security throughout a solution’s lifecycle, covering technology, business processes, operating costs, assurance, and skills development.

• Drive Assurance Programs: Develop and sustain a metrics-driven software assurance program, incorporating education, business processes, tools, and policies to enhance the security and monitoring of the firm.

• Lead Incident Response Efforts: Contribute to the Incident Response Process as a senior member of the Cybersecurity team, collaborating with Compliance, Legal, and HR teams.

• Innovate and Strategize: Provide innovative thinking and strategic planning on best practices, cost management, emerging technologies, and potential product/service offerings.

BASIC QUALIFICATIONS

• Proven Experience: Over 5 years of experience as a security professional.

• Enterprise IT Background: Over 3 years of experience working in high-traffic, public-facing production environments or within a global enterprise IT organization.

• Expertise in Engineering Practices: Strong experience in enterprise engineering, supporting principles, and lifecycle management.

• Hands-On Security Expertise: Senior-level, hands-on experience in security engineering and support.

• Advanced Security Knowledge: In-depth knowledge of host- and network-based intrusion prevention and response, anti-malware solutions, SIEM, Azure/AWS threat and log monitoring, and authentication/role-based identity management solutions.

• Proficient in Risk Management: Experience with vulnerability management and mitigations, including patch management and system hardening.

• Skilled in Threat Hunting: Expertise in threat hunting, with the ability to document operating procedures and create playbooks.

• Familiarity with Security Protocols: Working knowledge of IPSec VPN, SSL, MFA/2FA, firewall policies, and PKI.

• Industry Certifications: CISSP certification or equivalent required.

PREFERRED QUALIFICATIONS

• Leadership Skills: Leadership or team lead experience is a plus.

• Network Expertise: Strong understanding of LAN/WAN communications and network hardware, particularly Cisco routers, switches, and firewalls.

• Programming Skills: Development experience in scripting languages such as Python, Bash, or PowerShell is a plus.

• Security Standards Knowledge: In-depth understanding of the OWASP Top 10 and PCI secure coding principles, with the ability to advise on mitigation strategies across architecture, systems engineering, operations, and development.

Per local requirements and in the interest of transparency, the range shown below reflects the prevalent current hiring range for this position. Hiring pay rates are based on a number of factors, including location and may vary depending on job-related qualifications, knowledge, skills and experience. The company strives to provide locally competitive rewards packages, which include base rate along with, as applicable, short- and long-term incentives, growth and developmental opportunities, and robust benefits, such as health care, retirement, vacation and other paid time off, and additional offerings.

Hiring Range Minimum:

Hiring Range Maximum: