OVERVIEW

The Senior Security Engineer is responsible for optimizing security technologies across Crane NXT’s businesses. This role will also act as a primary information security advisor to the business and IT to facilitate secure deployment and operations of security technology solutions. This position will report to the Global Information Security (GIS) Security Engineering Manager.

REQUIREMENTS:

• Technical expertise across multiple disciplines within cyber security, such as directory services, server security, networking, intrusion detection/prevention, endpoint protection/EDR, Azure cloud security, virtualization platforms, digital forensics, incident response, web application firewalls; experience with cyber security frameworks and regulatory requirements.
• Strong understanding of leading-edge information security technologies.
• Ability to work in a collaborative environment.
• 3+ year’s information security experience in positions of increasing responsibility.

PREFERRED QUALIFICATIONS:

• Bachelor’s degree or higher in computer science, information systems, engineering, business administration or a related field.
• Relevant certifications such as ITIL, CISSP, CISM, CCSP and CRISC.
• Strong understanding of information security and the relationship between threat, vulnerability and information value in the context of risk management.
• Understanding of risk-based decision-making (e.g., risk analysis, mitigation, resolution, acceptance, etc.).

• Liaise with business units to ensure security controls are optimized and functioning as intended.
• Lead efforts to administer and maintain the Crane NXT Privileged Access Management system.
• Ensure business unit’s security personnel are well-trained, knowledgeable and familiar with the security technologies.
• Work within the GIS organization to assist with Vulnerability Program activities.
• Recommend and, when appropriate, implement enhancements to technologies and processes across business units and within the GIS organization.
• Help identify risks to Crane NXT and develop solutions to mitigate risk.
• Address gaps and inconsistencies within the security control framework by recommending and implementing solutions, including process improvements and automation.
• Support proof-of-concept (POC) activities to ensure that potential solutions are implemented in a secure manner and provide the least friction for the business.
• Respond to business concerns related to cybersecurity by collaborating with the GIS team to develop and implement appropriate solutions.
• Maintain relevant knowledge of current and leading-edge information security technologies and how these may be applicable to Crane NXT.
• Demonstrate an understanding of intellectual property processes and repositories and help ensure they are adequate.