WASH is a company that our customers depend on to keep them going so they can provide valuable services to their clients across USA and Canada (Coinamatic Inc. and ParkSmart Inc). We strive to build a sense of purpose and achievement in the work we do while staying true to the DNA of our core values. We value our people and encourage the development of talented and motivated employees to support the continued performance and growth of our diverse operations. We have been the foundation of many successful careers. At our core we are an innovation driven, fast-paced team environment with a high performance culture.  If you are looking for a career that will challenge and engage you, is focused on customer care and quality service, then WE are the company for you.  We invite you to bring your passion and experience to our team!

The Sr. Security Engineer is responsible for providing the vision, leadership, and security direction to support the mission of the organization. This position has both strategic and architectural/engineering management responsibility for all aspects of security: user, data, system, application, infrastructure, processes, financial, customer security.

This is a single-level classification. Incumbents in this classification apply advanced technical information-security and -management knowledge in developing and overseeing company wide information-security policies, standards, methods, practices and tools.

This Senior Security Engineer is primarily responsible for architecture, developing, providing direction and overseeing all WASH information-security programs. Responsible for all aspects of information security within the company regardless of whether security responsibilities are centralized, decentralized or matrix managed.

Responsibilities:

• Secures enterprise information by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; mentoring team members.
• Aligns standards, frameworks and security with overall business and technology strategy
• Establish security standards, policies and procedures for infrastructure, application, middleware, and data including development, QA and deployment best practices, for in-house and outsource. Develop a best practice business continuity/disaster recovery program to ensure technology availability and safety for employees.
• Develop roadmap and lead design and delivery of security landscape with a focus on thwarting malware, hacker intrusions and denial of service attacks.
• Develop penetration testing strategy and work with outside vendor to executive penetration testing.
• Assist Security Auditor in carrying out planned and on-demand audit.
• Ensure all applicable aspects of the WASH environment meet current PCI compliance requirements.
• Securely Provision: conceptualize, architect, design and/or build secure IT systems and networks. Design elements of security architecture to mitigate threats as they emerge
• Operate and Maintain: provide support, administration and maintenance necessary to ensure effective and efficient IT system performance and security.
• Oversee and Govern: provide leadership, management, direction and advocacy so the organization may effectively conduct cybersecurity work.
• Protect and Defend: identify, analyze and mitigate threats to internal IT systems and/or networks.
• Analyze: perform highly-specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence.
• Collect and Operate: provide specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence. Maintains security by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
• Investigate: investigate cybersecurity events or crimes related to IT systems, networks and digital evidence. Identify security design gaps in existing and proposed architectures and recommend changes or enhancements or upgrades to security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements.

Requirements:

• A Bachelor’s degree in Information Technology, Computer Science or related field. Masters’ Degree in CS or IT preferred.
• Proven track record of successfully leading security initiatives with solid skills in business management and a working knowledge of information security best practices.
• Former experience as a Cybersecurity Analyst, Cybersecurity Engineer and/or Cybersecurity Architect.
• Extensive experience in information security and/or IT risk management with a focus on security, performance, reliability, security attack pathologies.
• Solid understanding of security protocols, cryptography, authentication, authorization and security
• Good working knowledge of current IT risks and experience implementing security solutions
• Experience implementing multi-factor authentication, single sign-on, identity management or related technologies
• Experience with Windows, Active Directory, Azure, and AWS, Wired, and Wireless environments.
• Experience working with Palo Alto firewalls, Meraki, endpoint protection solutions, IDS/IPS, etc.
• Ability to perform forensic, digital investigations to root-cause.
• Experience implementing multi-factor authentication, single sign-on, identity management or related technologies
• Working knowledge of cyber law and ethics, web and mobile application architectures, API/Micro services, scripting languages, relational and non-relational databases.
• Ability to interact with a broad cross-section of personnel to explain and enforce security measures
• Excellent written and verbal communication skills as well as business acumen and a commercial outlook
• Advanced security qualifications such as SABSA (Sherwood Applied Business Security Architecture), CISSP (Certified Information Systems Security Professional), or AWS Certified Security - Specialty certifications are highly desirable.
• Certified Information Systems Security Professional (CISSP) certification is required.  Other certifications, such as CISM will be considered.
• Knowledge of common information security management frameworks, such as ISO 27001, COBIT and NIST.
• Significant knowledge of cyber threat actors and their attack methodologies.
• Ability to effectively interact with clients having a broad range of computer knowledge and ability.
• Ability to organize, prioritize, and implement work assignments.
• Ability to present ideas in user-friendly language.
• Ability to thrive in an environment of continuous change.

At WASH, customer service is at the heart of everything we do.  Even with our solid reputation as an industry leader, our product isn’t laundry equipment, it’s customer service.  WASH introduced ease and convenience into the laundry operations experience with our tech-forward solutions, expert management, and top-of-the-line equipment.  And that’s just the start, we have big plans for our digital transformation!  A multinational company operating in 24 U.S. states and all the Canadian provinces, WASH provides a variety of innovative laundry solutions for multifamily, campus and on-premise laundry operations. 

We offer an excellent benefits package which includes medical, dental, vision, paid vacation, educational reimbursement, and a superior 401K/profit-sharing plan.  We are an Equal Opportunity/Affirmative Action/Drug Testing employer and do not discriminate against any employee or applicant for employment because of race, color, sex, age, national origin, religion, sexual orientation, gender identity, status as a veteran, or basis of disability or any other federal, state, or local protected class.