Senior Security Engineer

DAT Solutions, LLC Senior Security Engineer Seattle, Washington Apply Now

About DAT
DAT is an award-winning employer of choice and a next-generation SaaS technology company that has been at the leading edge of innovation in transportation supply chain logistics for 45 years. We continue to transform the industry year over year by deploying a suite of software solutions to millions of customers every day - customers who depend on DAT for the most relevant data and most accurate insights to help them make smarter business decisions and run their companies more profitably. We operate the largest marketplace of its kind in North America, with 400 million freights posted in 2022, and a database of $150 billion of annual global shipment market transaction data. Our headquarters are in Denver, CO, with additional offices in Missouri, Oregon, and Bangalore, India. For additional information, see Job Application Deadline: 10/30/2024

The Opportunity
DAT is looking for a Senior Security Engineer to join our security team! This position will work remotely in Seattle. The Senior Security Engineer is responsible for developing, implementing, and maintaining advanced security measures to protect DAT's information systems. This role involves hands-on technical work and strategic oversight to ensure that security policies and procedures are in place and effective. The Senior Security Engineer will collaborate with various teams including but not limited to IT, Product, Engineering, Development, and external vendors to ensure security is integrated into the design of systems and applications. The position requires a deep understanding of security technologies and the ability to stay ahead of emerging threats.

What You'll Do:

1. Design, implement, and manage security systems and protocols across the organization.
2. Develop and maintain security architecture standards and processes for enterprise systems.
3. Work closely with the architecture and development teams to ensure security is integrated into infrastructure and applications.
4. Conduct regular security assessments, including vulnerability scans and penetration testing.
5. Analyze security risks and partner with the risk & controls department to develop mitigation strategies.
6. Monitor and respond to security incidents, ensuring quick resolution and minimizing damage.
7. Oversee daily security operations, including monitoring, logging, and incident response.
8. Establish and maintain security tools such as firewalls, intrusion detection/prevention systems, and SIEM solutions.
9. Manage and update security policies, procedures, and best practices based on evolving threats.
10. Lead the incident response team in investigating and responding to security breaches.
11. Perform root cause analysis and implement preventive measures to reduce future risks.
12. Prepare post-incident reports for executive leadership and suggest action plans for improvement.
13. Ensure compliance with industry standards and regulations (e.g., ISO 27001, NIST, GDPR, PCI-DSS).
14. Participate in internal and external security audits and testing, coordinating remediation of findings.
15. Stay current on emerging security laws and regulations and ensure organizational compliance.
16. Serve as a security subject matter expert (SME) in cross-functional projects.
17. Collaborate with IT, DevOps, and product teams to integrate security into development lifecycles (DevSecOps).
18. Stay informed of the latest cybersecurity trends, tools, and threats.
19. Recommend and implement new security solutions as appropriate to ensure protection against emerging risks.
20. Analyze, gather, and communicate key security metrics to measure the effectiveness and overall health of the information security program.
21. Develop dashboards and reports to provide actionable insights to stakeholders, helping guide strategic decisions and continuous improvement of security measures.
22. Participate in security conferences, certifications, and continuing education.