Senior Security Engineer - Global Security Services

Role Overview: As a Senior Security Engineer at ASSA ABLOY Group, you will be responsible for identifying, analyzing, and remediating vulnerabilities and misconfigurations across the organization's IT landscape. Your role will involve driving the adoption and enforcement of industry-leading security standards and frameworks to ensure robust protection of enterprise assets. You will collaborate with IT operations, architecture, and business stakeholders to implement technical controls, automate compliance, and foster a culture of continuous security improvement. Key Responsibilities: Proactively identify and assess vulnerabilities and misconfigurations in infrastructure, applications, and cloud environments using automated tools and manual techniques. Develop, implement, and enforce security hardening standards such as OWASP, CIS Benchmarks, CSA, NIST, ISO 27001, SOC 2, PCI DSS across all technology stacks. Utilize and enhance enterprise security management tools like BigFix, GPOs, SCCM, Ansible, Chef, Puppet, and infrastructure-specific platforms. Lead or support vulnerability management processes, including scanning, prioritization, remediation, and reporting. Collaborate with IT operations and development teams to ensure secure configuration baselines and compliance with security policies. Respond to security incidents, conduct root cause analysis, and implement corrective actions. Maintain up-to-date documentation of security standards, procedures, and technical controls. Stay current with emerging threats, vulnerabilities, and security technologies. Provide security awareness and technical training to IT staff and stakeholders. Additional Responsibilities for Senior Engineer: Lead the implementation of enterprise-wide security solutions and automation for vulnerability management and configuration compliance. Serve as a subject matter expert on security standards and frameworks, advising on risk mitigation and best practices. Drive continuous improvement initiatives for security posture, including the evaluation and integration of new tools and processes. Mentor and guide junior engineers and cross-functional teams in secure design and operations. Represent the security function in audits, compliance reviews, and executive briefings. Qualifications Required: Bachelor's degree in computer science, Information Security, or related field (or equivalent experience). Advanced proficiency in enterprise security and management tools, scripting, and automation. Industry certifications preferred: CISSP, CISM, CEH, OSCP, CompTIA Security+, GIAC, Microsoft/AWS/Azure Security certifications. 2+ years of experience in IT security or related roles for standard position; 5+ years of experience in IT security with demonstrated leadership in enterprise environments for senior position. Company Details: ASSA ABLOY Group is the global leader in access solutions, with nearly 63,000 colleagues in more than 70 different countries. The company values diverse, inclusive teams and different perspectives and experiences. They empower their employees to build their career around their aspirations and ambitions, supporting them with regular feedback, training, and development opportunities. Colleagues are encouraged to think broadly about where they can make the most impact and grow their role locally, regionally, or even internationally. Role Overview: As a Senior Security Engineer at ASSA ABLOY Group, you will be responsible for identifying, analyzing, and remediating vulnerabilities and misconfigurations across the organization's IT landscape. Your role will involve driving the adoption and enforcement of industry-leading security standards and frameworks to ensure robust protection of enterprise assets. You will collaborate with IT operations, architecture, and business stakeholders to implement technical controls, automate compliance, and foster a culture of continuous security improvement. Key Responsibilities: Proactively identify and assess vulnerabilities and misconfigurations in infrastructure, applications, and cloud environments using automated tools and manual techniques. Develop, implement, and enforce security hardening standards such as OWASP, CIS Benchmarks, CSA, NIST, ISO 27001, SOC 2, PCI DSS across all technology stacks. Utilize and enhance enterprise security management tools like BigFix, GPOs, SCCM, Ansible, Chef, Puppet, and infrastructure-specific platforms. Lead or support vulnerability management processes, including scanning, prioritization, remediation, and reporting. Collaborate with IT operations and development teams to ensure secure configuration baselines and compliance with security policies. Respond to security incidents, conduct root cause analysis, and implement corrective actions. Maintain up-to-date documentation of security standards, procedures, and technical controls. Stay current with emerging threats, vulnerabilities, and security