BMC Senior Information Security Engineer 

United States, Texas 

405409085

In this role, you’ll work across multi-cloud environments, leveraging a diverse set of security tools and learning something new every day! You'll design, build, implement, and maintain critical security solutions within top-secret government environments. As a Senior Security Engineer, you’ll drive continuous improvement by researching new ideas, implementing best practices, and ensuring the highest standards of security across all projects.

• Design, build, implement, and maintain security solutions that minimize risks to BMC's cloud subscription services.
• Assist with the code development, scripting, automation, and continued improvement of the SaaS Information Security program.
• Establish and maintain security best practices including boundary protections, and other associated processes.
• Develop mitigation strategies in response to identified risks from internal/external audits and customer assessments.
• Participate and serve as subject matter expert in security risk assessments.
• Collaborate with product architecture teams and make recommendations that improve cloud services.
• Work closely with IaaS/cloud partners to ensure architectures and systems meet BMC Information Security requirements.
• Coordinate with Security Operations Center to support security incidents.
• Review and approve security controls, processes, and changes.
• Comprehend complex security architectures and network data flows in multiple cloud environments.
• Review periodic security reports from internal and external sources.

• Ability to obtain a U.S. security clearance / existing security clearance.
• 7+ years of overall industry IT experience
• 5+ years of experience in Information Security, including strong understanding of distributed security architecture.
• CISSP, SANS, or similar industry information security certifications.
• Hands-on experience with Palo Alto Networks and Panorama network security products
• Proficiency in application and endpoint security solutions (preferably CrowdStrike), including host-based security, IDS/IPS, DLP, and file integrity monitoring.
• In-depth experience in cloud architectures and security components for leading platforms such as AWS, OCI, and GCP.
• Experience with Vulnerability and Configuration Management (Tenable Security), Container and Orchestration Security, and Access & Identity Management, Web Application Firewalls, SIEM.
• Excellent troubleshooting, problem solving, security risk analysis and solution design skills.
• Team-player with excellent communication skills (written & verbal) and ability to present complex technical information to both technical and non-technical audiences (including external customers as needed).
• Results-oriented with excellent time management skills