Security Engineer

About DerbySoft

Connecting different businesses together is what DerbySoft's all about. We make the travel business easier by developing intelligent technology services delivering superior performance for our customers around the globe. We're passionate about empowering companies to achieve their goals and transforming how companies interact with their customers.

DerbySoft has been recognized as a distinguished partner to the industry since 2002 offering strengths through exceptional technology and customer service with local operations globally.

We're on a mission to hire the very best and are committed to creating exceptional employee experiences where everyone is respected and has access to equal opportunity. We realize that new ideas can come from everywhere in the organization, and we know the next big idea could be yours

Job Summary

The Security Engineer holds a pivotal position within the Security team, actively contributing to the design, implementation, and monitoring of security measures to protect company assets. This role bridges the gap between foundational knowledge and advanced expertise, requiring hands-on experience in security operations, incident response, and proactive threat hunting. This position plays a key role in enhancing security standards, best practices, and fostering a culture of security awareness across the organization.

Key Responsibilities and Duties

• Assist in architecting, implementing, and maintaining security infrastructure to safeguard company assets, data, and employee safety, ensuring compliance with established security protocols.
• Participate in reviewing system logs, event data, and other relevant information to detect and analyze suspicious activities, contributing to effective threat identification and mitigation strategies.
• Support the management and troubleshooting of security and network issues, responding promptly to security events and incidents to minimize potential impacts on operations.
• Enable and maintain appropriate security controls to protect the organization's data and infrastructure, ensuring alignment with security policies and procedures.
• Conduct security testing across network systems, applications, and third-party services to identify vulnerabilities, collaborating with senior team members to manage and patch vulnerabilities as part of a continuous security assessment cycle.
• Engage in daily security operations, including administrative tasks, reporting, and collaboration with cross-functional teams to promote a collaborative security environment.
• Participate in proactive threat hunting activities to identify and investigate suspicious activities, providing support for confirmed security incidents with detailed response strategies.
• Assist in the development and recommendation of security standards, best practices, and enhancements to management, contributing to the evolution of corporate security policies.
• Stay updated on the latest security trends, threats, and technologies, demonstrating adaptability to evolving security landscapes and organizational needs.

Experience and Skills

• 2-4 years of experience in an Information Security role, with a solid understanding of security protocols, cryptography, authentication, and authorization mechanisms.
• Proficiency in security and system monitoring tools, coupled with a foundational knowledge of networking technologies.
• Knowledge of web-related technologies (Web applications, Web Services, Service-Oriented Architectures) and network/web protocols.
• Hands-on experience with a range of security technologies, including cloud services, malware protection, identity management, and SIEM, alongside familiarity with incident handling and risk assessment methodologies.
• Strong problem-solving skills and the ability to work effectively under pressure, demonstrating a commitment to continuous learning and professional development.
• Ability to provide 2nd and 3rd tier support, showcasing adaptability to new technologies and changing business requirements.
• Relevant certifications such as SANS, CompTIA Security+, or Networking certification, is preferred but not required.
• Experience with emerging security solutions, including AI-based threat detection, automated security orchestration, and advanced endpoint protection.
• Familiarity with compliance frameworks and regulations such as GDPR, HIPAA, SOX, and PCI-DSS.
• Proficiency in scripting or programming languages (e.g., Python, PowerShell) applied to automating security tasks and incident response processes is preferred but not required.
• Understanding of software-defined networking solutions, including Wireless Access Points, Switches, and VPNs.

Performance Standards

• Flexibility to work outside standard office hours to accommodate international time zones and global security operations.
• Occasional domestic and international travel may be required.

Benefits

• Flexible Schedule
• Generous Paid Time Off
• Competitive Pay
• Annual Bonus
• Referral Bonus
• Health, Dental & Vision Benefits
• Company provided Life Insurance Program
• Company provided Long - Term Disability Benefits
• Voluntary Life
• Employee Assistance Program
• Company Matching Retirement Program

DerbySoft, Inc. provides equal employment opportunities to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.

We also participate in E-Verify for anyone hired in the United States of America.