Staff Security Engineer

WHAT YOU’LL DO AT SPLASH:

• Develop and implement DLP strategies and tooling to prevent unauthorized access and exfiltration of sensitive data.
• Optimize the use of our SIEM tooling, ensuring it delivers full value through customized monitoring, alerting, and incident response capabilities.
• Conduct regular training for the security team to enhance in-house expertise.
• Design and deploy a comprehensive vulnerability management program, including periodic scanning, risk assessment, and prioritization for remediation.
• Lead security risk assessment efforts, identifying, evaluating, and reporting risks to executive leadership.
• Develop strategies for risk mitigation or acceptance, ensuring informed decision-making at the executive level.
• Enhance the existing incident response framework, focusing on security-specific scenarios requiring specialized expertise.
• Regularly conduct cybersecurity maturity assessments to identify gaps and areas for improvement.
• Implement and maintain cybersecurity frameworks that align with business goals and compliance requirements.
• Develop and maintain dashboards and reports for real-time visibility into the security posture.
• Work closely with compliance teams to ensure ongoing adherence to all relevant security standards and regulations.
• Develop and oversee comprehensive security training and awareness programs, including PII handling, password management, and anti-phishing campaigns.

WHAT YOU’LL BRING TO SPLASH:

• Proven experience in security engineering, including DLP, SIEM, vulnerability management, and incident response.
• Strong understanding of compliance frameworks (SOC2, PCI, ISO 27001) and experience leading certification efforts.
• Excellent communication skills for effective risk communication, training delivery, and cross-departmental collaboration.
• Strategic thinker with the ability to translate security needs into actionable plans and solutions.