IT Security Engineer

IT Security Engineer

About HAECO Americas

Headquartered in Greensboro, NC, with facilities in Lake City, FL, HAECO Americas is a global, world-class aviation company providing services ranging from aircraft maintenance, repair, and overhaul to the manufacturing of aircraft interior products.

HAECO Americas is one of the leading aviation corporations in the world. We pride ourselves on safe, high-quality aviation products and services for our customers, as well as security and growth for our most asset our people.

Why HAECO Americas

A career with HAECO Americas is your chance to connect with a world leader in aircraft maintenance and interiors. Your career at HAECO will expose you to the best practices of aircraft maintenance on Boeing and Airbus wide-body and narrow-body jets for major airlines and operators.

As a HAECO team member, you will learn from the industry’s best, pick up new skills, and continue your professional development.

We offer a flexible, high-energy work environment with opportunities to innovate, learn and grow - doing work that matters.

The sky is the limit on how far your potential could take you at HAECO Americas.

HAECO Americas offers an array of benefits designed with the health and welfare of our employees in mind.

• Comprehensive Benefit Plans
• Health Savings Account
• Career Progression Program
• Paid Premiums for Certifications / Shifts
• Paid Time Off
• Employee Discounts
• Relocation Assistance (if applicable)
• 401k Savings Plan
• Employee Assistance Program
• Certification Assistance and Tuition Reimbursements
• Collaborative and Safe Work Environment

Position Overview

The IT Security Engineer will be responsible for designing, implementing, and managing security measures to protect HAECO’s IT infrastructure and data.

This role requires expertise in security best practices, threat analysis, and incident response.

• Design and implement security solutions to safeguard the organization’s IT infrastructure, applications, and data.
• Develop and maintain security policies, standards, and procedures to ensure compliance with industry best practices and regulatory requirements.
• Conduct risk and vulnerability assessments to identify and address potential security gaps.
• Monitor security systems and networks for signs of security breaches or suspicious activity.
• Respond to security incidents and breaches, performing detailed analysis and remediation to prevent recurrence.
• Investigate and report on security incidents, including coordination with external agencies if necessary.
• Proactively identify security problems, monitor performance trends, perform upgrades, and make recommendations regarding security hardware, software, processes, and procedures as required.
• Configure and manage security tools, such as firewalls, intrusion detection / preventions systems (IDS / IPS), antivirus software, and encryption solutions.
• Stay up to date with the latest security technologies and trends, recommending and implementing improvements to the existing security infrastructure.
• Conduct regular security testing, including penetration testing and vulnerability scanning.
• Ensure that security measures meet compliance requirements for relevant regulations and standards.
• Maintain detailed documentation of security configurations, procedures, and incident reports.
• Assist with audits and compliance reviews, providing evidence and explanations of security controls and practices.
• Collaborate very closely with IT and development teams to integrate security practices into software development lifecycle and infrastructure.
• Plays an advisory role in application and / or web development projects to assess security requirements and controls and to ensure that security controls are implemented as planned.
• Collaborate with external vendors and partners to enhance security measures and address potential threats.
• Develops security processes and procedures and supports service-level agreements (SLAs) to ensure that security controls are managed and maintained.
• Promote user security awareness and manage the distribution of end user training.
• Provide guidance and support to other IT staff on security-related matters.
• Some occasional travelling may be required.
• Perform other duties and special projects as assigned.

What you need : (Requirements)

Minimum

• Bachelor's degree in computer science, Information Technology, Cybersecurity, or a related field.
• Minimum 5 years of experience in an IT Security role.
• Strong knowledge of security protocols, encryption, and authentication mechanisms.
• Experience with security tools and technologies, including firewalls, IDS / IPS, and SIEM systems.
• Familiarity with operating systems (Windows, Linux) and network security concepts.
• Experience with threat analysis, incident response, and vulnerability management.
• Certifications in one or more of the following : Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security (OSCP / OSCE / etc.

or other relevant certifications.

• Advanced problem solving and troubleshooting skills, with the ability to develop effective long-term solutions to complex problems.
• A solid understanding of endpoint / network defenses and security incident response.
• A deep understanding of the various technologies, services, and specifications that comprise and enterprise network.
• Must have excellent attention to detail and the ability to deliver within assigned timelines.
• Ability to set priorities and accomplish tasks with minimal supervision.
• Must be willing to support a 24 x 7 production environment (on-call rotation, or 24x7 on-call duties for administrators of systems / services).
• Ability to work independently and in a team environment.
• Excellent oral and written communications skills.

Preferred

• Experience with cloud security and technologies (AWS, Azure)
• Experience with DevSecOPs practices and tools.
• Experience in conducting research and identifying methods to detect emerging cyber threats, attack methods, and evolving Tactics, Techniques, and Procedures (TTPs) with an emphasis on phishing and / or cybercrime.
• Experience with data analytic techniques, including machine learning, statistics and data mining to solve core business challenges.
• Working knowledge of a broad range of security technologies, including NextGen Firewalls, DLP, NAC, IDS / IPS, IdAM, Certificate Management, SIEM, Endpoint Protection, Anti-malware, vulnerability management.

Prior work experience implementing security standards and procedures.

Physical Requirements

• Normal mental and visual attention with manual coordination for keyboard operations approximately 50% of the time
• Normal or corrected hearing and vision required
• Must be able to lift 50 lbs.
• Must be able to work in a stressful, face-paced environment
1 day ago