Security Engineer III

Farnell

Farnell, an Avnet company, is a global high-service distributor of technology products, services and solutions for electronic system design, maintenance and repair.

Principal Responsibilities:

• Analyzes security-related hardware and software at the component level (e.g., firewalls, routers and switches).

• Conducts security risk assessments and compliance audits, recommending risk levels by identifying vulnerabilities in information and network security.

• Develops, maintains, and publishes policies and standards for security software systems to mitigate risk and influence user behaviors.

• Implements, administers, and ensures compliance with GIS data security programs and regulations, including GDPR and PCI-DSS.

• Enforces and monitors security standards, procedures, techniques, and guidelines.

• Provides technical guidance and consultation on information security issues.

• Identifies intrusions into information systems and recommends improvements based on findings.

• Implements upgrades, repairs, and modifications to information systems assets.

• Investigates and recommends security technologies, including data loss prevention, firewalls, encryption, and intrusion detection.

• Shares security knowledge with employees and the business.

• Manages provisioning, de-provisioning, and access levels for system assets.

• Designs and maintains log ingestion pipelines with parsing, normalization, and correlation rules for effective SIEM monitoring and alerting.

• Administers and optimizes SIEM use cases and dashboards for threat detection, incident triage, and compliance reporting.

• Implements and manages security controls in Azure and other cloud environments, including identity, network security groups, key management, and posture management.

• Reviews and hardens cloud architectures to align with security baselines, regulations, and GIS standards.

• Leads end-to-end vulnerability management, including scanning, risk-based prioritization, remediation tracking, and stakeholder reporting.

• Develops and maintains automation scripts (e.g., Python, PowerShell) to streamline operations like vulnerability enrichment, access reviews, and compliance checks.

• Other duties as assigned.

Job Level Specifications:
Extensive knowledge of principles, theories, concepts, job functions, and industry best practices. Develops solutions to complex problems through in-depth analysis of variables, determining optimal approaches and suggesting policy/procedure improvements. Works independently with judgment and discretion, exercising latitude in objectives and methods reviewed at a high level. Serves as primary contact on projects, interacting with senior professionals, management, and cross-departmental teams. Actions impact the organization failure or errors can hinder goals and incur substantial resource costs.

Work Experience:
Typically 5+ years with bachelor's degree or equivalent.

Education and Certification(s):
Bachelor's degree or equivalent experience yielding comparable knowledge and skills.

Preferred Qualifications:
Demonstrated expertise in vulnerability management, SIEM operations, cloud security (Azure), and automation scripting. Proficiency in risk-based prioritization, compliance frameworks (e.g., NIST, GDPR), and security operations automation aligns with core responsibilities.

The above statements are intended to describe the general nature and level of work being performed. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills.