IT Security Engineer (Security Detection/Vulnerability)

Summary

CHS has an exciting opportunity in our Information Technology group. We are looking for an experienced level IT Security Engineer to join our Security Detection/Vulnerability team. We are seeking a candidate with excellent technical and communication skills, both verbal and written. As an experienced Security Engineer, you will play a pivotal role in enhancing the security posture of CHS by proactively identifying, evaluating, and remediating vulnerabilities and potential threats.

Responsibilities

• Provide day to day and project related security support for system maintenance, and the integration of security technology infrastructure and processes.
• Conduct continuous vulnerability assessments tests to identify, validate, prioritize, and report potential security vulnerabilities in software, systems, and networks.
• Collaborate with cross-functional teams, including software developers, network engineers, and security analysts, to develop and implement security strategies and processes.
• Analyze and assess the impact of security vulnerabilities, considering the threat landscape, attack vectors, and potential business impact.
• Track and report on the status of identified vulnerabilities, ensuring timely remediation and mitigation efforts.
• Provide guidance and support to development and infrastructure teams in implementing security best practices and addressing identified vulnerabilities.
• Develop, implement, and maintain security tools, scripts, and automation to streamline the detection and remediation process.
• Maintain up-to-date knowledge of emerging threats, vulnerabilities, and industry best practices, sharing this information with relevant teams and stakeholders.
• Participate in incident response efforts, providing expert knowledge on vulnerabilities and potential remediation strategies.
• Continuously improve CHS Inc.'s security posture by identifying gaps, recommending enhancements, and implementing changes.
• Participate in security compliance efforts (e.g. SOX and PCI).
• Participate in the evaluation and recommendation of new and emerging security products and technologies. Interact and negotiate with vendors, outsourcers, and contractors to secure system-related products and services.
• Create and maintain documentation as it relates to security, system and network configuration, mapping, processes, and service records.
• Perform other responsibilities as needed or assigned.

Minimum Qualifications (required)

• High School Diploma (or equivalent)
• 2+ years of experience in Information Technology and/or IT Security

Additional Qualifications

• Bachelor's degree in Computer Science, Information Security, or a related field, or equivalent experience
• Knowledge of common vulnerability frameworks, such as CVSS and OWASP Top Ten
• Strong understanding of information security principles, threat modeling, and vulnerability management best practices
• Proven track record of effectively supporting commonly-used information security tools and processes
• Knowledge of system security vulnerabilities and remediation techniques
• Familiarity with industry standards and compliance frameworks, such as ISO 27001, NIST, or PCI-DSS
• Proficiency with at least one scripting language (e.g.: Perl, Python, PowerShell)
• Thorough understanding of the latest security principles, techniques, and protocols
• Knowledge and/or experience with penetration testing
• Relevant certifications, such as CISSP, CEH, OSCP, or GIAC

Physical Requirements

• Occasional off-hour and weekend work may be expected.
• Pre-employment screening is based on the job requirements and industry guidelines and may or may not be required for the position. If required, selected candidates must pass pre-employment screenings to include all or a combination of drug, criminal, motor vehicle check, physical requirements and FMSCA Clearinghouse.