JOBSEARCHER

Information Security Engineer

We are HCSS. For the last 40 years, we have been developing software to help construction companies streamline their operations. Based in Sugar Land, TX, our mission is helping customers achieve excellence through our proven customer-centric, end-to-end solutions and exceptionally helpful service, while providing a great life for our employees. With this mission at the core of everything we do, HCSS is a pioneer and leader in the construction software space and a consistently recognized employer. We have earned Best Companies to Work for in Texas honors for 18 consecutive years and have been named a USA Today Top Workplace. HCSS has also been recognized by Built In as a Best Place to Work in Greater Houston and by Construction Executive for our technology innovation, reflecting our strong culture, industry leadership, and commitment to excellence.Who We NeedAn Information Security Engineer at HCSS ensures the integrity and availability of our infrastructure, making sure that all systems are secure and provisioned with just the right level of access. Working in a 15-time “Best Places to Work in Texas” organization, you will be surrounded by smart and enthusiastic colleagues and have the opportunity to further your career. You will be exposed to state-of-the-art cloud technology, server management tools, and enterprise grade applications. If this sounds exciting to you, then this is the dream job for you!QualificationsMinimum of 5 years of experience in a security roleStrong knowledge of Azure security tools and services, including Defender for Cloud, Azure Networking, and Entra IDExperience in developing and delivering security training programsProven experience in incident response and handling security incidentsExcellent communication and interpersonal skillsStrong analytical and problem-solving abilitiesPreferred QualificationsRelevant certifications such as CISM, or Azure Security Engineer Associate are a plusBachelor's degree in Computer Science, Information Security, or a related field is a plusRole ResponsibilitiesSecurity Design and Implementation:Design, implement, and deploy security solutions within Microsoft Azure, AWS, and GCP platforms using governance mechanisms such as Azure Policy, Defender for Cloud, AWS Guard Duty, and moreDrive improvements in log ingestion strategy for the SIEM by applying deep subject matter expertise and by partnering with relevant teams.Collaborate with HCSS Dev, DevOps, and IT teams to design and implement security solutions across our ecosystemProvide expertise in security data collection and automation, with a focus on enhancing SIEM and SOAR capabilitiesIdentity And Access ManagementCollaborate with IT and HR to architect and maintain IAM solutionsConduct regular reviews of IAM infrastructure and synchronization, with particular focus on access levels and requirementsConduct regular reviews of user and application identities access levelsIncident ResponseLead monitoring, analysis and response to security events and incidentsEngage with team members and stakeholders within the HCSS Security Operations Center Develop and maintain incident response plans and proceduresParticipate as a technical resource when security incidents are escalatedConduct post-incident analysis to identify root causes and implement corrective actionsCollaborate with cross functional teams to mitigate and remediate security incidentsRespond to and investigate security incidents and eventsPrioritize and address security-related tickets in a timely mannerVulnerability ManagementConduct regular security assessments and audits to ensure compliance with industry standards and best practicesCollaborate with Development and DevOps to address and remediate security vulnerabilities within cloud computing platformsRun regular vulnerability reporting for IT assets and locationsConduct security assessments for third party applications and integrationsStay abreast of the latest vulnerabilities and security technologiesTraining And DevelopmentDevelop and deliver security training programs for employees to promote security awareness and best practicesCreate training materials, including presentations, manuals, and online resourcesConduct regular security workshops and company-wide presentations to keep staff updated on the latest security threats and mitigation strategiesHybrid RequirementsAbility to work at our Sugar Land office 2–3 days a weekBenefits & PerksPart of our mission is to provide a great life for our employees. We believe that when our people are happy, they do their best work. Some of the benefits and perks we offer include:Flexible hybrid scheduleMedical, dental, and vision coverage with company-paid and employee-paid optionsPaid holidays, sick days, and personal time offEmployee Resource Groups (ERGs) that foster connection and inclusionOn-site amenities including a covered basketball court, soccer field, track, pickleball/tennis courts, gym, etc.Dog-friendly campus and WiFi-accessible courtyards401(k) with a 5% company matchCoverage for employee professional development and wellnessAnd more!