Overview
Established in 2005 and based in Charlotte, North Carolina, Snap One is a manufacturer and exclusive source of A/V, security, control, networking, and remote management products for professional integrators. An industry leader in the pro-install channel, Snap One helps integrators build their businesses by providing a wide range of high-quality products, easily accessible through an intuitive website and backed by award-winning service and support. With a vast catalogue of today’s most popular brands, Snap One is the premier choice for professional installers across the globe. With 28 pro stores in the US, Snap One blends the benefits of ecommerce with the convenience of local stores. Additional information about Snap One and its products can be found at www.snapone.com
Reporting to the Cyber Security Team Lead, the Senior Cybersecurity Engineer will primarily focus on forensics, log management and threat modeling. The Cybersecurity Engineer is a seasoned professional, proactive self-starter who has strong problem-solving analytical skills with great attention to detail. The candidate must be comfortable working in a fast-paced, entrepreneurial, goal-oriented environment, emphasizes accountability for delivering results, and has hands-on experience with the latest security processes.
Responsibilities
- Collaborate with senior management across the company to prioritize security initiatives.
- Establish control-related processes/procedures while working towards building relevant security metrics and dashboards
- Act as an escalation point for and support Cyber Security incidents as a tier 3 support
- Perform forensic investigation in a case of an incident
- Own and improve Cyber Security incident management process
- Proactively work on threat modeling tasks
- Work closely with various business and support teams to identify and implement logging requirements
- Serving as subject matter expert for Cyber/Product Security, having strong software engineering skills
- Provide periodic reports to the management team and key stakeholders
- Work closely with the team to understand products (connected devices) in-depth and document the product details, including the security architecture, attack surface, trust boundaries, and data flows. Help the engineering team to develop Threat Models that enumerate cybersecurity threats by attack surface
Required Qualifications
- Commitment to diversity, equity, and inclusion, a personal growth mindset, and customer-centricity
- 5+ years of cybersecurity or engineering/development experience with increasing responsibilities
BA/BS or equivalent experience
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT, SANS, and NIST
- Proficiency in technical understanding of various IS components (Linux, Windows, WEB applications, IoT devices and network devices)
Preferred Qualifications
- Understanding of security by design principles and architecture-level security concepts.
- Application or software security certifications are preferred, such as CASP, CISSP, CEH, OSCP, CSSLP, GIAC, GSEC
- Hands-on experience with computer forensics, and threat modeling
- Cyber Security incident management experience
