Information Technology Security Engineer II

Information Technology Security Engineer II

Company: Jabil

At Jabil we strive to make ANYTHING POSSIBLE and EVERYTHING BETTER. We are proud to be a trusted partner for the world's top brands, offering comprehensive engineering, manufacturing, and supply chain solutions. With over 50 years of experience across industries and a vast network of over 100 sites worldwide, Jabil combines global reach with local expertise to deliver both scalable and customized solutions. Our commitment extends beyond business success as we strive to build sustainable processes that minimize environmental impact and foster vibrant and diverse communities around the globe.

SUMMARY

Responsible for security services, technologies, programs, and processes as assigned. Interface with architects, IT groups, and other entities to ensure that security is evaluated and embraced in Jabil. Lead activities to determine the security landscape, threats and vulnerabilities, appropriate security tools, processes, policies and opportunities to mitigate risk to Jabil. Ensure compliance to Jabil’s security policies. Optimize security tools and perform complex tuning and filtering of devices.

ESSENTIAL DUTIES AND RESPONSIBILITIES include the following: Other duties may be assigned.

• Maintain discretion and confidentiality in all areas pertaining to Jabil’s information assets, data and proprietary information, whether internal to Jabil or customer specific.
• Demonstrate a commitment to customer service; anticipate, meet and exceed expectations by solving problems quickly and effectively, making customer issues a priority.
• Continuously look for improvement opportunities in each area of Jabil’s information security program.
• Create reports for assigned areas of responsibility.
• Exchange knowledge and information with other Jabil facilities to ensure best practices are shared throughout the Jabil organization.
• Perform mentoring and education for security staff members.
• Understand and embrace the business and IT strategic direction.
• Train and educate Site Security Coordinators on their role and security requirements.
• Manage Security Programs in assigned area.
• Consult with various entities to recommend security solutions and designs.
• Assure that procedures and work instructions are efficient and not redundant.
• Lead external and internal third party audit activities. Participate in customer and group audits as required.
• Identify required metrics, goals, formulas, reporting processes, etc.
• Lead or assist security team efforts for IT Security, compliance or customer audit activities.
• Offer new ideas and suggestions for improvement. Identify and implement new practices and processes that are “best in field.”
• Lead efforts to create and implement security standards, policies, guidelines, and practices.
• Own assigned processes and ensure process requirements are being met and that the process continues to be improved.
• Lead Global or Regional merger, greenfield, and acquisition security activities and ensure all requirements are met, processes established and training performed.
• Lead security activities when reducing or shutting down existing facilities to ensure all security requirements are fulfilled.
• Identify Potential Threats and vulnerabilities and lead the mitigation of identified threats.
• Identify Security patches and vulnerabilities to be evaluated for impact and risk to Jabil.
• Lead the deviation process for assigned area and ensure the deviation process is understood and followed.
• Lead Incident Response Process as required. Lead efforts to investigate and remediate security incidents and prepare and complete required Security reports associated with the Incident Response Process.
• Ensure business requirements are met for contracts and licensing, forecast, service level agreement, and associated policies for assigned service.
• Understand the Security service's technology and its capabilities. Determine downtime requirements, upgrades, etc.
• Lead strategic Security service Ownership activities to help set direction and establish patterns of continuous improvements.
• Ensure that the Security service meets all intended regulatory and compliance requirements.
• Assist with Security Deviation Audits.
• Approve recommended or requested policy changes to tool configurations.
• Stay abreast of new tools and approaches in the security arena and meet with vendors or service providers as required.
• Determine which tools should be evaluated and lead tool or service evaluation.
• Lead activities that help determine Jabil’s security architecture and ensure that selected solutions meet all required business and compliance requirements.
• Consult with architects and other groups to ensure that solutions entering Jabil meet security requirements and also ensure that security solutions satisfy architecture requirements.
• Lead investigation and forensic efforts in sensitive and complex investigations and circumstances.
• Make judgments on whether security events are incidents and initiate Incident Response process when necessary.
• Perform advanced security incident investigation and event correlation analysis in sensitive and complex investigations and circumstances.
• Handle Escalation from Security Analysts and Security Engineers.
• Analyze security violation reports for suspicious and dangerous activity.
• Prepare summary reports for distribution to management.
• Submit tickets to the Service Desk describing security incidents with supporting information or evidence.
• Determine requirements for environment analysis such as: port scanning, vulnerability assessment tools, which tools are prohibited, etc.
• Ensure proactive steps are taken for any potential Security Tool problems such as: performance degradation, reliability/availability and security issues.
• Approve security device tuning and filtering requests and ensure no negative impact to Jabil’s enterprise.
• On Call Support rotation basis.

MINIMUM REQUIREMENTS

Bachelor’s degree in Computer Science or Management of Information Systems; or 8 years or more equivalent external work experience; or equivalent formal training in related duties. Significant experience and understanding in two or more of the following areas: Security technologies and tools, Forensic investigation and incident response tools and processes, IT technologies and tools (Cloud, Networking, Systems, Applications, Databases, etc.), Security services or program management. Global experience and working with different cultures is required. Excellent documentation skills. Two or more of the following, or similar certifications is preferred and one required: CCNA, MCSE, CISSP, GIAC, CISM, or security tool certification.

Experience with IAM operations.

Experience with NGFW.

Experience with Data Loss Prevention (DLP) solutions.

Experience with NGAV.

Experience with OS (Windows / Linux).

Experience with Virtualization (Hyper-V / VMware).

Experience with Cloud services (Azure / AWS).

Experience with Cloud Prisma.

Experience with Burp Suite.

Basic coding skill for task automation (VB script, bash script, perl script, powershell, java, or python).

Driven, self-motivated and able to work independently.