Gorbel's mission is simple: We improve people's lives. That mission guides everything we do, from the products and service we provide to our outside customers to the work environment we foster for our employees. We are a manufacturer of material handling and fall protection products for the production and warehouse/distribution sectors. We're on the cutting edge of manufacturing and distribution; a thriving, growing company that is constantly seeking out new ways to innovate and elevate our products and our processes - and we're looking for people like you to join us in that mission. We're currently hiring for open positions in the US and Canada. We operate in Canada as Engineered Lifting Systems and Equipment (ELS)/DBA Gorbel® Canada, and subsequent communication related to Canadian positions may show the ELS name. You may be contacted by phone by recruitment personnel based in either Canada or New York. Work Shift: Job Description: The IT Security Engineer will participate in the design, implementation, and oversight of all security efforts for Gorbel®. The IT Security Engineer will provide support for assigned Information Security platforms as well as escalation operational support to the IT Infrastructure team. The IT Security Engineer will work closely with all departments to gather input to support ongoing business and departmental security initiatives. The IT Security Engineer will use this input to help develop, guide, document and maintain the company's overall security roadmap which will support day-to-day business operations and the long-term security goals of the company. The IT Security Engineer will participate in the design, implementation, and oversight of all security efforts for Gorbel®. The IT Security Engineer will provide support for assigned Information Security platforms as well as escalation operational support to the IT Infrastructure team. The IT Security Engineer will work closely with all departments to gather input to support ongoing business and departmental security initiatives. The IT Security Engineer will use this input to help develop, guide, document and maintain the company's overall security roadmap which will support day-to-day business operations and the long-term security goals of the company. Specific Duties:
- Provide support for assigned Information Security platforms as well as escalation operational support for the IT Infrastructure team
- Assist in the design, implementation and maintenance of security-focused tools and services
- Collaborate effectively with all departments to help develop and implement appropriate security controls
- Proactively monitors SIEM Systems and conducts integrated analysis of multiple log sources
- Proactively monitors security alerts via CVE and NIST and can articulate the risk based on the CVSS rating as well as recommend actions to the IT Director and IT Infrastructure team
- Maintains continuous awareness of current security related events and the impact of security to business operations
- Conduct scheduled audits of security controls, prepare reports and present to leadership
- Build and support a DevSecOps culture
- Deliver security training and consulting as required
Position Requirements:
- Bachelor's degree in Cybersecurity, Information Security, Computer Science, Management Information Systems, Business or other degrees in related fields
- 3+ years of experience in a security role within a corporate environment
- Proficient in Windows and Linux-based operating systems
- Proficient in Microsoft 365 applications
- Ability to assess and remediate email-based security threats
- Experience automating security-related operational tasks
- Experience writing code/scripts with at least two of the following languages: PowerShell, Java/J2EE, JavaScript/AJAX, C#/C++/C, Perl, Python, SQL
- Experience with encryption and certificate/key management
- Experience with network security controls such as VPN gateways, next generation firewalls, web filters, IPS, IDS, ACLs, DLP, etc.
- Experience with Privileged Access Management solutions
- Experience conducting security audits, preparing reports and presenting to leadership
- Experience working in a DevSecOps environment
- Knowledge of domestic and international privacy laws. (NY Shield Act, CCPA, GDPR, etc.)
- Knowledge of networking protocols and hardware configurations (switches, routers, firewalls, wireless controllers, etc.)
- Knowledge of On-Premises and Cloud IT Infrastructure
- Commitment to quality and attention to detail
- Strong troubleshooting and problem-solving skills
- Strong teamwork and collaboration skills
- Strong communication skills and ability to interact with all levels of the organization
- Highly self-motivated and self-directed
Ideal Candidate Will Also Have:
- Certified Information Systems Security Professional (CISSP)
- One or more of the Certified Information Privacy Professional (CIPP) concentrations (A/C/E/US)
- Experience supporting and maintaining SOC 2 compliance
- Experience supporting and maintaining NIST 800-53 standards
- Experience in a GRC role
Work Environment: ADA Physical/Mental/Workplace Requirements
- Occasional lifting up to 25 lbs.
- Ability to move easily about a manufacturing factory
Gorbel® is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, creed, color, religion, alienage or national origin, ancestry, citizenship status, age, disability or handicap, gender, gender identity, marital status, veteran status, sexual orientation, genetic information, arrest record, or any other characteristic protected by applicable federal, state or local laws. Gorbel® is also committed to providing reasonable accommodations to qualified individuals so that an individual can perform their job related duties. If you are interested in applying for an employment opportunity and require special assistance or an accommodation to apply due to a disability, please contact us at 585-###-####. The wage range for this role takes into account the wide range of factors that are considered in making compensation decisions including but not limited to skill sets; experience and training; licensure and certifications; and other business and organizational needs. At Gorbel, it is not typical for an individual to be hired at or near the top of the range for their role and compensation decisions are dependent on the facts and circumstances of each case. A reasonable estimate of the current range is: Min $80,587 - Max $120,881