Human Resources

  • Information Security Engineer

    Posted Date 1 month ago(8/14/2019 12:53 PM)
    Job ID
    # of Openings
    Information Technology
    ARCO Business Services
    Job Location
    US-MO-St. Louis

    Have you built a cyber security program including all its processes and procedures? Are you attracted to the challenge of creating your own compliance and security program? Do you act with integrity and hold yourself to the highest standards? If the answer is, “Yes!” then we have an exciting, long-term opportunity for you. Who are we? We are ARCO, The Design/Build Experts.


    We are looking for a strong candidate to step into our Information Security Engineer role in our corporate headquarters in St. Louis. You’ll be responsible for developing and delivering solutions that protect systems, applications and data through defined policies, practices and tools in our growing organization.


    We are dedicated to the well-being of our associates and are proud to be consistently recognized as a Best Place to Work. Our compensation and benefits package not only supports our associates and their families but benefits local communities and communities around the world.


    • Industry-leading performance-based bonus program
    • Generously funded profit sharing
    • Traditional and Roth 401k
    • Tuition reimbursement for associates
    • Scholarship for associates’ children up to $28,000 per child
    • 1-month paid sabbatical after every five years of employment, plus $5,000 for travel
    • 1-week paid volunteer leave each year
    • 100% charitable match
    • Medical, dental, and vision insurance coverage
    • 100% paid 10-week maternity leave


    At ARCO, our first core value is to treat people fairly and do the right thing. We are proud to be an equal opportunity employer, and all qualified applicants will receive consideration for employment.


    • Responsible for maintaining confidentiality, integrity, and availability of information, applications, infrastructure, and cloud environments.
    • Responsible for the implementation of security controls across networking devices, databases, operating systems, hardware and software components according to best practices and expert recommendations.
    • Responsible for management of systems that support information security including virus detection systems, endpoint detection and response, data loss prevention, network anomaly detection, cloud access security brokers, security information event management, and other security systems.
    • Assists in planning, deployment, administration and maintenance of various security applications and tools to secure the organizational assets.
    • Participates in evaluation of security products and/or procedures to enhance productivity and effectiveness.
    • Perform network and security systems administration to include providing role-based system access, integrating new data log sources and modifying configuration settings and policies.
    • Monitors security systems for indications of malicious activity and escalates suspected or identified security incidents to the Head of Information Security.
    • Conduct and monitor results of security awareness training, simulated phishing exercises and provide progress reports on on-going and previous campaigns.
    • Respond to alerts and dashboards, set up monitoring criteria, troubleshoot warnings, and provide partnership with IT supports teams on outages to resolve alerts to include on call support.
    • Schedule and report on critical system vulnerabilities utilizing Nessus or Rapid7 tools and collaborate to remediate vulnerabilities across devices and systems.
    • Collaborates with IT Management and external vendors to facilitate security audits and address exceptions.
    • Gather and provide appropriate security metrics to senior management using available security tools and services


    • 5+ years of experience in information security operations and administration
    • Understanding of security logging, audit logging, and event logging.
    • Understanding of and ability to perform and interpret vulnerability assessments.
    • Experience in conducting, participating in, and evaluating security testing activities e.g., security assessments, audits, and penetration testing.
    • Experience with network and system security administration, including system security configuration and account management best practices and cyber security toolsets.
    • Experience supporting operational security activities e.g., firewall implementation, risk mitigation, host security, encryption, intrusion detection, Virtual Private Network (VPN) implementations, and viral detections.
    • Experience in planning and/or review security lockdown and/or hardening of Servers (Windows, UNIX, etc.) and network devices
    • Knowledge of industry standard best practices with regards to security
    • Working knowledge of Microsoft Active Directory, Microsoft Windows Operating Systems and Microsoft Exchange, Microsoft Azure, Office 365

    Preferred Skills and Certifications

    • CISSP: Certified Information Systems Security Professional
    • Security +
    • Firewall Technologies (Cisco Meraki, Palo Alto, Check Point),
    • Endpoint Security (Crowdstrike, Symantec, CarbonBlack, BitDefender),
    • Analytics (Splunk, LogRythm),
    • Vulnerability Management (Tenable, Qualys, Rapid7),
    • Cloud Security (Azure, GCP, AWS),
    • Identity Management technologies include, CyberArk, Okta, Office 365
    • Preferred experience working with various event logging systems and must be proficient in the review of security event log analysis. Previous experience with Security Information and Event Monitoring (SIEM) platforms such as Splunk, LogRhythm that perform log collection, analysis, correlation, and alerting.


    We are one of the fastest-growing, privately owned companies in America, completing over 4,000 design/build projects across 48 states. We ranked #16 out of the top 100 design/build companies in the U.S. and #47 on the ENR Top 400 Contractors list of 2019. Most importantly, our clients like us, trust us and want to do business with us. We are looking for people with the same enthusiasm, passion, and respect for hard work that brought us to where we are today. Are you a person that can make a difference at ARCO? If the answer is, “Yes!” we look forward to meeting you.


    ARCO does not accept unsolicited resumes from individual recruiters or third-party recruiting agencies without pre-approval from ARCO’s Human Resource team. Pre-approval is required before any external candidate can be submitted. ARCO will not be responsible for fees related to unsolicited resumes and for candidates who are sent directly to our hiring managers.


    Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
    Share on your newsfeed