Security Engineer II

Want to work on a world-class team building life-changing financial products? Let me introduce you to Progrexion – that’s what we do every day.

Based in downtown Salt Lake City, our team builds industry leading services that help consumers access, understand, and verify their credit reports are fair, accurate, and substantiated. Our services power the technology behind Lexington Law (an independently owned law firm), Credit.com, and CreditRepair.com.  And the good news? We have a lot of fun while we do it.

The successful candidate will demonstrate our Corporate Guiding Values of Integrity, Consumer Advocacy, Teamwork, Development, Quality and Performance in all areas of his/her work. The Security Engineer II will be a highly skilled individual that is an expert in managing security technology and complying with PCI and compliance requirements.  This individual will have strong technical skills to ensure Progrexion’s information is secure at all times. Our ideal candidate will not only be a team player but will also have a strong engineering background and ability to convey technical information into business terms.

We are looking for a Security Engineer II to join the Information Security team. The Information Security Engineer is responsible for supporting and deploying security solutions. The incumbent will aid in generating new ideas and initiatives and help support the daily operations of IT Security. They will also contribute to the process and technology improvements and excellence in the Information Security function.

• Monitor environments for security issues.
• Investigate security breaches and other cyber security incidents.
• Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
• Document and research security breaches and assess the damage they cause.
• Work with internal teams to perform tests and uncover network vulnerabilities.
• Help remediate detected vulnerabilities to maintain a high-security standard.
• Stay current on IT security trends and news.
• Develop company-wide best practices for IT security.
• Research security enhancements and make recommendations to management.

• 5-7+ years combined in information technology/security with emphasis on network security. A BS in a technical field such as information security or computer science can be considered as supplementary experience.
• Strong history in advising and executing security architecture design and assessments.
• Great degree of familiarity with designing and implementing secure Enterprise networks.
• Current technical expertise in network security control design and engineering to include technologies such as: Next Generation firewalls, web proxies, NAC, IDS/IPS, FPC, FIN, VPNs, SDWAN, and NetFlow tools.
• Significant experience with SIEM and logging technologies.
• Knowledgeable with Threat Hunting practices.
• Experience with SOAR platforms and creating run books / play books.
• Experience with NMAP, Wireshark and other network discovery/enumeration tools.
• Experience with hardening network devices, servers, and endpoints.
• Experience with both executing and defending network penetration tests.
• Experience with AWS and Azure cloud infrastructure security.
• Significant experience with Linux and shell scripting.
• Experience with Span/Tap technologies.
• Strong Project Management experience.
• A strong curiosity, initiative, persistence, and willingness to experiment to provide solutions to diverse technical challenges.
• Experience with programming languages (e.g., Javascript, Python, Ruby, Java, C++)
• Security industry certificates such as: CISSP, CEH, Security+ are plus.
• Automation skills are a plus.

The job description is not designed to cover or contain a comprehensive listing of required duties or responsibilities. Other duties, responsibilities and activities may change or be assigned at any time with or without notice.