Information Security Engineer

Since 1922, Shorr Packaging Corporation has been providing its customers with products and services designed to deliver the best packaging solutions with an ongoing focus on innovation and progress. In 1984 we became an employee-owned company which drives a culture of support, collaboration, and a drive to win. Every employee-owner across the country is committed to Shorr’s success by offering our customers a unique combination of in-depth business knowledge and personal service. Our significant year over year growth can be directly tied to our culture of employee ownership focusing on unparalleled customer service and support.

The solution to our success is our people, both our customers and our employee owners.

The Information Security Engineer is the first line of defense against malicious actors in the IT industry. This person will be responsible for developing, implementing, and monitoring security controls that effectively safeguard sensitive data in the event of a cyber-attack. This role is highly collaborative, involving frequent interaction with various members of the IT team and business stakeholders. They are responsible for screening Shorr’s critical IT infrastructure for weaknesses and create robust countermeasures to prevent future incidents.

Responsibilities 

• Plans, develops, implements, and maintains security strategies, policies, standards, controls, and processes as it relates to the organizational IT infrastructure (computer and information systems, security, communication systems)
• Responsible for supporting to security tools and technologies such as firewall, proxy server, remote access, and others. Including being responsible for documenting the configurations and network designs to help in the effective execution.
• Recommend, manage, and conduct security audits and risk assessments (e.g., penetration test, SOC, PCI, etc.) on a periodical basis and direct the deployment of security technologies and program enhancements
• Monitor systems for irregular behavior and set up preventive measures
• Assist in driving threat and vulnerability management including reporting, research, and resolution
• Assist in the development and maintenance security metrics and analytics
• Assess and evaluate threats, vulnerabilities, and other risk factors
• Support IT teams in Incident Response process including effort to minimize impact and quickly deliver resolution and communication
• Develops and oversees effective plans and procedures to ensure business critical services are recovered in the event of disasters or other incidents, and provides direction, support, and in-house consulting in these areas ensuring company business continuity.

Qualifications: 

• Bachelor’s degree in Computer Science, Information Technology, or related field preferred
• 5 + years of experience in Information Security across the following domains: data security and privacy, application security, email security, cloud security, SaaS management and security, Active Directory and Group Policy management, Identity and Access Management, vulnerability management, firewall management, EPP/EDR management, IDS/IPS, SIEM, Mobile Device Management
• Strong understanding of Information Security General Controls, as well as network, OS, application and database controls
• CISSP, CISA, CRISC, CEH, or equivalent security certifications desired 

Shorr Packaging Corp. is an Equal Opportunity Employer (Female/Male/Disability/Veteran/Sexual Orientation/Gender Identity) that provides our employee owners with excellent compensation and benefits including 401K, employee stock (ESOP), medical, dental, life, and more.