Bothell, WA (Corporate)

Information Security Engineer

North America

Reports to: Director, Information Security & Cloud Operations

Position summary

The Information Security Engineer will design, develop and implement enterprise security solutions and processes to protect systems and data from intentional or inadvertent access or destruction.  This requires experience managing security solutions & toolsets used to protect the entire network infrastructure, deep understanding of perimeter protection, encryption, cyber-attacks, end-user protection and employee security training and awareness.  The Information Security Engineer will also be accountable for the vulnerability management program, and 3rd party security risk assessments.

About Winshuttle

Are you interested in working in a fun, collaborative environment, for an award winning workplace? Winshuttle is dedicated to fostering a culture of respect and innovation to support and empower employees' ambitions. We're constantly looking for entrepreneurs who aren't afraid to think outside the box, and don't take themselves too seriously. We embrace and support our employees who seek opportunities for continued learning, inspire others, and live and breathe our core PACT values. We have a work hard, play hard mentality; we're constantly evolving lean solutions for ERP business processes by day, and dominating on the frisbee golf course by night. Our strength and competitive advantage stems from our awesome employees, and we strive to create a balanced work life that is as inspiring and rewarding as life at home. Think you might be a great fit?

Essential functions and responsibilities

  • Aligns security tools and strategy with business requirements
  • Leads the research, designs, and advocates new technologies, architectures, and security products that will support security requirements for the enterprise and its customers
  • Represents security and operations disciplines in project discussions, ensuring that designs and standards are in place to appropriately manage technology risks, and to ensure robust, scalable solutions.
  • Leads and manages the vulnerability management program
  • Analyze, troubleshoot, and investigate security-related, information systems’ anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts
  • Understand and manage file integrity verification and monitoring
  • Develop technical solutions and documentation to help mitigate security vulnerabilities
  • Conduct research to identify new attack vectors
  • Management of next generation firewall technologies
  • Management of client end-point security software
  • Management of Global Security Information & Event Management (SIEM) Solution
  • Strong understanding of IT Governance Controls
  • Ability to work and collaborate with auditors and assessors

Desired behaviors

  • Receptive to change – is flexible. Seeks and adopts improved approaches and processes.
  • Initiates action – is results oriented, takes responsibility for actions and outcomes. Meets commitments and strives for high performance.
  • Leads by example – makes timely decisions, prioritizes and delegates effectively, solves problems, monitors results and takes remedial action where necessary.
  • Technically proficient – knows role and has a solid familiarity with tasks and responsibilities.
  • Takes responsibility for learning – knows personal strengths and recognizes development needs. Is open to feedback and always seek to learn.
  • Communicates ideas – proposes a way forward. Listens to views of colleagues and takes in diverse perspectives.
  • Works collaboratively – shares information, fosters teamwork and contributes to positive work environment where people want to come to work.
  • Display ethical character and competence – acts with integrity and intent, is accountable for own actions, behaves according to the PACT values. Act as a good citizen of Winshuttle.


  • Security certifications (e.g., CISSP, CISSO, CISA, CEH, GIAC certs) preferred
  • Proven track record of testing, deploying and training cross-functional teams with Enterprise Security Solutions designed to protect company data and its employees data and identities.
  • Self-driven, detail oriented, excellent analytical skills, a strong leader who works well with immediate and extended team, and consistently puts the team above oneself.
  • Ability to work well with cross organizational teams and leadership.
  • Strong desire to build, ability to multitask, sense of ownership and urgency


  • BA/BS degree in computer science or other related fields
  • 5+ years’ experience managing an IT function preferably IT cloud operations and security
  • Solid foundation in web and SaaS App security, penetration testing and cryptography
  • Expertise in conducting web and application security assessments covering threat modeling, design reviews and in-depth implementation audits
  • Strong understanding and support of change management, continuous improvement and Agile methodology
  • Security Information & Event Management (SIEM) platform experience
  • 3+ years’ experience with security software, architecture and application security framework methodologies, IE. SANS & OWASP Frameworks

This job posting does not imply that these are the only duties to be performed. Employees occupying this position will be required to follow any other-related instructions and to perform any other job related duties requested by their supervisor. To perform this job successfully, an individual must be able to perform each essential duty and meet the physical requirements satisfactorily. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions.