HiringCafe
Posted 2mo ago

Senior Security Engineer

@ VIA Metropolitan Transit
View All Jobs
San Antonio, Texas, United States
$80k-$111k/yrOnsiteFull Time
Responsibilities:designs controls, implements solutions, supports incident-response
Requirements Summary:Bachelor's degree and 5+ years in information security, strong knowledge of security controls, cloud security, and incident response; CISSP/CISM/GIAC/Security+/CCSP certifications preferred.
Save
Mark Applied
Hide Job
Report & Hide
Job Description

GENERAL DESCRIPTION OF WORK:

Under the direction of the Information Security Manager, the Senior Security Engineer serves as a senior technical contributor supporting VIA’s information security architecture, operations, and risk management program. This role partners closely with IT and business teams to design, implement, and maintain security controls while ensuring systems and processes are documented, sustainable, and transferable within a small team environment. The Senior Security Engineer plays a key role in strengthening VIA’s security posture through technical leadership, collaboration, and disciplined documentation, rather than reliance on individual or informal knowledge.

ESSENTIAL FUNCTIONS:

Designs, implements, and maintains security controls and technical solutions in partnership with the Information Security Manager.

Supports the development and maintenance of VIA’s information security architecture, including Zero Trust, identity security, endpoint protection, network security, and monitoring solutions.

Develops and maintains security architecture diagrams, system documentation, runbooks, and standard operating procedures to ensure continuity of knowledge in a small team environment.

Partners with Technology Operations and other IT teams to coordinate vulnerability identification, remediation activities, and control implementation.

Supports the development, testing, and refinement of incident response procedures and participates in coordinated response activities following documented processes.

Assists with the configuration and ongoing improvement of security monitoring and alerting capabilities, including managed detection and response (SOCaaS/MDR) services.

Supports the review, implementation, and maintenance of security policies, standards, and technical controls aligned with industry best practices.

Provides technical guidance and security recommendations for IT projects, cloud services, and system changes.

Participates in security risk assessments, control reviews, and compliance-related activities as required.

Contributes to security awareness and training initiatives by providing technical input and supporting program refinement.

This job description excludes marginal functions that are incidental to performing the job. Other duties may exist.

REQUIRED EDUCATION AND EXPERIENCE:

Bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a related field and five (5) years of progressively responsible experience in information security, systems security, or network security. Experience may be substituted in lieu of education on a year-for-year basis up to four years.

PREFERRED QUALIFICATIONS:

Experience working in an enterprise IT environment with responsibility for security controls, monitoring, and response.

Experience supporting or implementing cloud-based and Zero Trust security architectures preferred.

Preferred certifications:

· CISSP, CISM, or equivalent

· GIAC security certifications

· Security+, CCSP, or similar

ADDITIONAL REQUIREMENTS:

Strong knowledge of information security principles, risk management practices, and control frameworks.

Experience with network security, firewalls, intrusion detection/prevention, endpoint protection, and security monitoring tools.

Familiarity with cloud security architectures, Zero Trust concepts, identity and access management, and modern endpoint security platforms.

Ability to document technical systems and processes clearly for use by other technical staff.

Ability to work independently while coordinating closely with a small team and cross-functional partners.

Ability to analyze security risks and recommend practical mitigation strategies.

Strong written and verbal communication skills.

Ability to manage multiple priorities in a small-team environment.

Ability to exercise sound judgment in security-related decision-making.

Able to work in a team-oriented, collaborative environment.

Must be able to maintain good work attendance.

Safety Accountability Statement:

- Employees must consider safety in all tasks performed, as well as demonstrate safe judgment and decisions that not only maintain their own safety; but that of fellow employees and customers.

- Demonstrate a professional commitment to assure compliance with all organizational policies, practices, and programs related to safety, health, and system security.

- Employees have a responsibility to identify and report hazards, as well as potentially unsafe conditions, to your immediate supervisor or Safety Department.

- Employees are responsible, and required, to stop a job/task to prevent an unsafe incident or act from occurring. This acknowledges the threat of potential injury, property damage and the opportunity for better judgment to be used.

Must comply with and support all applicable VIA EEO Policies and Procedures.

PHYSICAL REQUIREMENTS:

Physical ability required to be mobile, bend, stoop, stand, reach, and occasionally lift 5-25 pounds of objects, such as files, equipment and supplies, and books.

WORK ENVIRONMENTS:

Participates in a shared on-call or escalation rotation as defined by the Information Security Manager.

May be required to respond to security incidents or critical issues outside of normal business hours on an as-needed basis.

Work is primarily performed in an office environment   


    VIA is an Equal Employment Opportunity Employer, providing equal opportunity to all qualified individuals, regardless of race, color, religion, age, sex, national origin, veteran status, genetic information, or disability.