Security Engineer

Security Engineer

Additional Position Details: FTE: 1.0 | Full Time | Primarily Mon - Fri / Day shift

PLEASE NOTE: This is a remote position. Candidates will be required to have reliable broadband internet and personal cell phone service. Remote work may include working day-to-day operations during Pacific Standard business hours or online training. Candidates must live within the United States and due to our pay practices, we are not able to employ candidates living in some states.

The Security Engineer is responsible for the development, implementation, and maintenance of information system security controls in support of Asante policies and procedures, relevant regulatory guidelines, and current industry best practices. Additionally, this position is responsible to help identify, classify, scan, and report on security vulnerabilities and misconfigurations within Asante's infrastructure. The Security Engineer is an integral member of a strong technical team that uses many bests in breed tools to support the information security program at Asante and serves as a technical resource available to other technical teams and is an incident escalation position.

This Security Engineer role will have a specialized focus on Identity and Access Management (IAM), with an emphasis on applying IAM principles and best practices to support the SailPoint Identity Security platform. The engineer will play a key role in maintaining and enhancing the SailPoint application, including lifecycle management, access request workflows, policy enforcement, and access certifications. This position requires a solid understanding of IAM concepts such as provisioning, deprovisioning, role-based access control (RBAC), privileged access management (PAM), and identity governance to ensure secure and efficient access to systems and applications across the organization.

Education

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology - OR - the equivalent in experience in lieu of degree (additional years of experience are required if no degree).

Required Experience/Skills/Abilities

• A minimum of 3 years of experience in information security.
• Broad range of security knowledge with knowledge of firewalls, hardware security modules, SIEM development for threat prevention and detection.
• Proficient with vulnerability management solutions such as InsightVM and open source.
• Exceptional analytical and investigative abilities with hands-on experience leading root cause analysis.
• Familiarity with typical communication protocols, e.g., TCP/IP, HTTP/HTTPs/Websocket, etc.
• Strong understanding of secure architecture and design, threat modeling, and the ability to clearly articulate best practices and mitigations for application security.
• Strong communication skills, both written and verbal.
• Knowledge of industry best practices for information security control design.

Additional Requirement

• Must not have any convictions for security/privacy/compliance related crimes.

Preferred Certifications

• Industry certifications such as CISSP, OSCE, OSCP, GSEC.

• Earn a competitive and progressive salary.
• Benefit from health plans that are focused on health and wellness including medical, dental, vision and wellness beginning within 30 days of hire.
• Plan for your future with a retirement package that includes up to 6% employer contribution.
• Experience a healthy work-life balance with our generous earned time off (ETO).
• Continue to enhance your education through our tuition reimbursement and tuition repayment plans.

At Asante, we are guided by our values below. Explore Asante more by visiting www.asante.org/careers

Excellence - Respect - Honesty - Service - Teamwork

Asante is an equal opportunity employer. We are committed to employ and advance in employment women, minorities, qualified individuals with disabilities and protected veterans.