Senior Information Security Engineer

Our world is transforming, and PTC is leading the way.Our software brings the physical and digital worlds together, enabling companies to improve operations, create better products, and empower people in all aspects of their business.

Our people make all the difference in our success. Today, we are a global team of nearly 7,000 and our main objective is to create opportunities for our team members to explore, learn, and grow - all while seeing their ideas come to life and celebrating the differences that make us who we are and the work we do possible.

Atlanta, Georgia (Buckhead) - Onsite 5 days per week

Job Description

Our world is transforming, and PTC is leading the way. Our software brings the physical and digital worlds together, enabling companies to improve operations, create better products, and empower people in all aspects of their business.

Our people make all the difference in our success. Today, we are a global team of nearly 7,000, and our main objective is to create opportunities for our team members to explore, learn and grow- all while seeing their ideas come to life and celebrating the differences that make us who we are and the work we do possible.

Position Purpose:

Lead the delivery of the cybersecurity framework for a large-scale secure implementation supporting a growing and expanding business. Working in a secure environment, this role is focused on securing and protecting the application and data and implementing United States Government standards. This individual is the primary focal point for working with security auditors and key stakeholders, providing the necessary information. This role works closely with other infrastructure, network, and database engineers to support the maintenance, upgrades, and implementation of network security applications and hardware.

Essential Functions and Duties:

• Install, configure, and maintain Security Event Information Management (SEIM) across Linux and Windows environments.
• Security tool implementation and performance Continuous Monitoring: Tenable or other Vulnerability Scanning and Management tool; Log Files Management; IDMS tools; Anti-virus, Firewall: (e.g., Wazuh, Trellix EPO, Solarwinds, Tenable), and Penetration testing.
• Evaluate security infrastructure tools/architecture for improvements and adaption to changing government standards.
• Assistance with configuration and validation of DISA Security Technical Implementation Guidelines (DISA) and identification of exceptions with mitigations
• Establishes, maintains, and monitors all security policies and access rules defining specific access to network, files, and database management systems according to the System Security Plan.
• Identifies potential Security Incidents and participation in Security Incident Response planning and execution. Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
• Stay current on emerging technologies and threats and proactively assess and evaluate their adoption into the organization.
• Perform COMSEC Manager role and work with FSO and infrastructure team on implementing key security practices required to maintain the secure facility.
• Advise management (e.g., CIO) on risk levels and security posture.
• Be able to work independently in a secure space where access to fellow security engineers is limited.

Skills and Knowledge:

• Knowledge of cybersecurity principles.
• Knowledge of computer networking concepts and protocols, and network security methodologies
• Knowledge of encryption algorithms (e.g., Internet Protocol Security [IPSEC], Advanced Encryption Standard [AES], Generic Routing Encapsulation [GRE], Internet Key Exchange [IKE], Secure Hash Algorithm [SHA])
• Key Management implementation and maintenance experience
• Detailed understanding of virtualized platforms, Linux, and Windows use and administration, and applicable security vulnerabilities and controls
• Detailed understanding of the web, application, and database architectures and applicable security vulnerabilities and controls

Experience:

• DoD Risk Management Framework (RMF) knowledge, NIST SP 800-53, and NIST SP 800-171 experience
• Experience with FedRAMP/DISA reporting and compliance
• Demonstrated experience building and managing vulnerability management programs from vulnerability discovery processes to remediation and validation

Minimum Qualifications:

• The applicant should currently hold and be able to maintain a US security clearance at the Secret level
• Ability to work on-site in the Atlanta Office for the majority of working hours and on-call support as needed
• 5+ years proven experience and demonstrated success in technology roles with emphasis on vulnerability management, information security and a strong technical background
• Strong oral and written communication capability. Clearly communicate complex ideas into simple terms for key stakeholders.
• Currently possess or ability to obtain DoD 8570.01 Base Line certification (e.g. CAP CCNA Security - CISCO, CASP+ CE, CISM, CISSP (or Associate), GSLC, CCISO, HCISPP) IAM Level II & IAT Level II.

Life at PTC is about more than working with today's most cutting-edge technologies to transform the physical world. It's about showing up as you are and working alongside some of today's most talented industry leaders to transform the world around you.

If you share our passion for problem-solving through innovation, you'll likely become just as passionate about the PTC experience as we are. Are you ready to explore your next career move with us?

We respect the privacy rights of individuals and are committed to handling Personal Information responsibly and in accordance with all applicable privacy and data protection laws. Review our Privacy Policy here."