IT Security Engineer, American Traffic Solutions

Description

Are you ready to work with a purpose? The mission of American Traffic Solutions (ATS) is to save lives and improve safety on the roads of the communities we serve. ATS pioneered the road safety camera industry over 25 years ago and continues to be on the forefront of the industry as the market share leader. We are the leading provider of traffic safety, mobility and compliance solutions for state & local governments, commercial fleets and rental car companies.

ATS’ Mesa office is hiring a Security Engineer. This individual will be responsible for performing IT Security tasks associated with maintaining security systems and infrastructure, as well as assisting in application security tasks. This position will have to work independently to identify and remedy potential vulnerabilities and threats, as well as work as part of a team to accomplish larger tasks and projects meeting company goals and objectives.

Responsibilities:

The key responsibilities of this position include, but are not limited to the following:

  • Perform operational processes related to satisfying both security and compliance requirements.
  • Perform regular security assessments at the application, system and infrastructure layers.
  • Work with security architect and CISO to deploy new security tools to ensure alignment with the existing threat landscape.
  • Assist in the development, improvement and validation of both Agile and Waterfall SDLCs, coding standards, and other application security.
  • Management of HSMs/Encryption systems including HSM hardware and key management.

Qualifications:

  • Must have a CISSP or CISM.
  • A GIAC certification preferred.
  • Bachelor’s degree is preferred but not required.
  • 5 years of experience in Information Technology including 2 years in a senior role required along with 2 years’ experience in either a security infrastructure or application security role.
  • Strong soft-skills, including writing (both technical and business communications), inter-team and intra-team communications, and customer service skills.
  • Knowledge and familiarity with Powershell.
  • Deep understanding of PCI/NIST/ISO27001 requirements and able to interpret, document and communicate technical requirements to non-IT personnel.
  • Familiarity with security analysis tools and techniques including NeXpose, Nessus, Qualys, Fiddler, BURPSuite, WhiteHat, and/or VeraCode platforms.
  • Experience with Firewalls, IPS, SIEMS and other security management tools.
  • Advanced knowledge of AD authentication, including Radius, TACACS and Kerberos.
  • Familiar with Change Control concepts in a highly regulated environment.
  • Familiarity with Linux and Windows environments.
  • Knowledge of Windows security tools and products including PKI and ISA, as well as security concepts like logging, and Group Policy.
  • Expert level knowledge of network infrastructure threats, and mitigation techniques required.
  • Familiar with Incident Response processes including SANS, NIST and/or CMU models, forensic investigation tools and techniques, and chain of custody requirements.

 

Provided by: Jennifer Hall, SHRM-CP | Corporate Recruiter