Information Security Engineer

THE COMPANY
Hannon Armstrong (NYSE: HASI) is the first U.S. public company solely dedicated to investments in climate change solutions, providing capital to leading companies in energy efficiency, renewable energy, and other sustainable infrastructure markets. Hannon Armstrong's core purpose is to make climate-positive investments with superior risk-adjusted returns. For more information, please visit www.hannonarmstrong.com. Follow Hannon Armstrong on LinkedIn and Twitter @HannonArmstrong.
POSITION SUMMARY
Responsible for establishing and maintaining compliance of a mission-critical enterprise network, following regulatory standards and guidelines. Developing and executing security controls, defenses, and countermeasures. Minimize vulnerabilities, intercept, and prevent internal or external attacks or attempts to infiltrate company information assets. Leads efforts to minimize service vulnerability by remediating security assessments and reports.  Identify gaps in capabilities and services, and identify and implement solutions to meet the needs of a maturing security program. This position is based in Annapolis, MD. 

RESPONSIBLITIES

• Manage and support production security solutions, including Azure and AWS security, Meraki and Cisco firewalls and switches, SIEM, IDS/IPS, S2S and client VPN, endpoint solutions, Linux, Windows Server and Client, third-party-application patching, and MFA and SSO
• Lead internal incident response, responding to live threats in progress, providing leadership and direction to the operations team to coordinate response activities
• Recommend, design, and implement technology using best practices and guidelines such that implementations are efficient, manageable, understandable, reliable, and well documented
• Perform internal threat analysis, including log analysis, responding to alarms, assessing the severity of potential threats, acting to remediate threats, and escalate to appropriate stakeholders
• Contribute to the ongoing development of incident response plans, ensuring emerging risks and threats are considered and incorporated
• Coordinate and analyze vulnerability assessments, and remediate risks   
• Identify issues that are not detected by monitoring systems through manual methods
• Assist Infrastructure and Operations teams with various security-related tasks as necessary
• Create new SOPs, documentation, and processes to further support all teams
• Prepare accurate system design and architecture diagrams, risk summaries, and reporting
• Oversee the migration from legacy security solutions to new solutions
• Ensure proper configuration management and change controls are executed to policy 

QUALIFICATION

• Bachelor’s degree in Computer Science, Cybersecurity, MIS, or equivalent experience
• Advanced certifications such as CISSP or CASP
• 6+ years of experience securing on-prem, Azure and AWS networks
• 6+ years of experience performing network traffic analysis   
• 6+ years of experience patching, hardening, and remediating risk on production servers, endpoints, appliances, and systems
• 3+ years of experience analyzing organization threats, including email, malware, and remediation
• 3+ years of experience training colleagues on risk mitigation and prevention
• Excellent interpersonal (verbal and written) English language communication skills are required to support working in project environments that includes internal, external, and customer teams
• Strong analytical, conceptual, and problem-solving abilities required
• Must be able to quickly learn and adapt to new technologies
• Ability to manage multiple priorities, and assess and adjust quickly to changing priorities
• Proof of legal authorization to work in the United States

COMPENSATION

• Salary commensurate with experience

EEO STATEMENT
The Company maintains a policy of non-discrimination in employment and complies with and supports all Federal, state, and local laws regarding discrimination in employment.  Specifically, the Company does not discriminate in employment opportunities or practices against any employee, intern, or applicant on the basis of race, color, gender, sex, sexual orientation, gender identity, religion, ancestry, national origin, age, citizenship status, marital status, pregnancy (including childbirth, lactation, or related medical conditions), mental or physical disability, veteran status, uniformed servicemember status, genetic information (including testing and characteristics), or any other characteristic to the extent prohibited by federal, state, or local law. Decisions regarding staffing, selection, and promotions are made on the basis of individual qualifications related to the requirements of the position.