Information Security Engineer

Why join Seegrid?

Seegrid is the leading provider of self-driving industrial vehicles. We develop and deliver mobile robots and enterprise software for global leaders in logistics, manufacturing, warehousing, and e-commerce. Our suite of solutions includes vision-guided vehicles, fleet management software, actionable analytics, and best-in-class service and support. Our unique and proven technology sets us apart—our automation solutions have safely driven millions of autonomous miles in real production facilities without a single personnel safety incident. We are seeking energetic, bright, and friendly people to help achieve our vision: to fortify global supply chains and create profitable economies with safe, seamless, and smart mobile robotics solutions. 

The Role: Information Security Engineer

Reporting to the Director of IT, the Information Security Engineer will be responsible for endpoint vulnerability management, network vulnerability management, and implementation of information security plans and policies. 

Core Responsibility for this role:

You will have primary responsibility for protecting Seegrid’s Information Resources. 

The successful completion of your first year, looks like:

• In the first 60 days you will take ownership of Seegrid’s cybersecurity tools.
• In the first 120 days you will make significant improvements to the configurations of Seegrid’s cybersecurity tools and detection methods. 
• In the first year, you will show measurable improvement in detection and prevention of cybersecurity risks and incidents. 

Responsibilities will consist of:

• Determination and implementation of uniquely configured policies and modifications , control, and management of COTS EDR/MTR, network security, and cybersecurity solutions, including Sophos and Darktrace
• Continuously update observability functions within tooling to triage incidents appropriately
• Analyze persistent vulnerabilities/identified incidents, perform root cause analysis, and investigate potential false positives
• Proactively research and monitor security-related information sources to aid in vulnerability discovery
• Coordinate with employees and security/IT managers on documentation and playbooks for additional actions
• Track vulnerabilities from discovery through resolution using ticketing systems and integrated tooling
• Facilitate and coordinate vulnerability assessment and scanning, reviews of assessment results, patching, and remediation activities related to workstations, databases, servers, storage, appliances, and web applications
• Coordinated management of extended security related tools, including MDM/UEM/Inventory systems, DLP tools, SaaSOps tools
• Adapt and customize risk models based on typical network traffic
• Create configuration management policies based on industry best practices and regulatory requirements
• Produce and maintain technical documentation of vulnerability management program including requirements, architecture designs, and network security topology, including generating guidance on vulnerability remediation, countermeasures, and risk mitigation
• Serve on InfoSec Committee, interfacing with contemporaries in product and engineering

Required Experience

• 1+ years of experience managing EDR and cybersecurity tools, and vulnerability management
• Strong understanding of relevant standards and control frameworks (e.g. NIST 800-x, ISO 27001, SOC 2, Cybersecurity Maturity Model, CIS-CAT, etc)
• Expertise in designing secure, modern networks and/or systems to support a distributed workforce
• Experience with Google Workspace
• Experience with security standards and tooling within cloud environments (GCP, Azure)
• Working understanding of Zero Trust Architecture
• Knowledge of risk assessment tools, technologies and methods
• Knowledge of hyperscale cloud platform and SaaS security
• The ability to multitask, and to thrive within fast-paced, high-stress environments
• Strong organizational skills
• Strong communication skills, including the ability to convey complex technical information to non-technical audiences

Desired Experience:

• 5 years of experience managing cybersecurity tools and vulnerabilities in a medium sized organization
• Experience managing Sophos, Darktrace, and Meraki systems and software
• Experience with NAC systems/policies
• A working understanding of CISA’s Zero Trust Maturity Model or the BeyondCorp framework
• Experience with ethical hacking tooling and processes
• Certification in relevant cybersecurity framework or practice, such as Security+, CISSP, CCSP

Seegrid is embracing a remote workforce, so this position can be remotely located anywhere in the US or at HQ in Pittsburgh, PA. We’d love to have you join us!

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status, or disability status. Seegrid is an equal opportunity employer Minorities/Females/People with Disabilities/Protected Veterans/Sexual Orientation/Gender Identity.