Logistics done differently.
At XPO Logistics, we know that cutting-edge technology drives our success. As the IT Security Engineer III, you will be responsible for performing and facilitating complex analysis, development, testing, and documenting security methodologies and technologies. This position includes proficiency in Incident Response, Threat Analysis, and Governance, Risk, and Compliance. If you’re looking for a growth opportunity and a better lifestyle, join us at XPO.
Pay, benefits and more.
We are eager to attract the best, so we offer competitive compensation and a generous benefits package, including full health insurance (medical, dental and vision), 401(k), life insurance, disability, and the opportunity to participate in a company incentive plan.
What you’ll do on a typical day:
Provide engineering support to all IT and Security technical towers
Provide security review and analysis of business requirements, as well as the design of solutions for new and existing applications; determine and gather work estimates for security projects
Identify and evaluate security vendor software and integration strategies
Create and maintain functional and technical design specifications and solutions to satisfy security project requirements
Identify and implement appropriate testing strategies
Execute all steps required to deploy/implement the application solution
Initiate and help establish guidelines and controls; work under established guidelines and controls including CES corporate compliance, technical standards, and best practices
What you need to succeed at XPO:
At a minimum, you’ll need:
Strong background in security architecture including a deep knowledge of computer operating systems, VMware, Windows 7/10, Windows Server (2008 – current), Linux, and cloud technologies
Experience in designing and incorporating technical security controls that align to industry standards (ISO27001, NIST 800-53r4)
Experience designing and managing security controls within service providers and the cloud
Strong knowledge of data and information flows, information governance, and network protocols
Knowledge of wider information security-related principles, likely to be gained in industry or from a background in consulting
Ability to translate business and nonfunctional requirements to establish security controls that ensure a proper security design can be architected, and to document the security solutions for communications and training
Strong knowledge and experience designing and implementing technical security solutions such as secure remote access, firewalls, encryption, secure protocols, data protection, data loss prevention, and identity management solutions both internally and within cloud-provided services, with CASB products a plus
It’d be great if you also have:
Operational and technical experience with all of the following or their industry equivalents: McAfee Web Gateway, CA Identity Minder, McAfee Suite (HIPS, DLP, AV, etc.), InsightVM/Nexpose, IBM QRadar, Tripwire, HP Fortify, Zscaler Web Proxy, Proofpoint Email Protection/TAP, Tanium Endpoint Protection, Palo Alto Advanced Network IDS/IPS, Cylance Endpoint Protection
Excellent verbal and written communication skills
Strong leadership and partnering skills
Proven track record of successfully delivering business requirements on time and within budget
Self-motivated and able to work well with minimal supervision or in a team environment
Be part of something big. #LI-AM1
XPO provides cutting-edge supply chain solutions to the world's most successful companies, including Disney, Pepsi, L'Oréal, Toyota and many others. We’re the fastest-growing transportation company on the Fortune 500 list and we’re just getting started.
We are proud to be an Equal Opportunity/Affirmative Action employer. Qualified applicants will receive consideration for employment without regard to race, sex, disability, veteran, or other protected status.
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All employees may be required to perform duties outside of their normal responsibilities from time to time, as needed.