Currency Exchange International (CXI) is a Money Service Business based in Orlando, Florida.

Currency Exchange International, Corp. is a publicly traded company on the Toronto Stock Exchange (CXI) and OTC (CURN). CXI provides a wide range of foreign exchange services to customers in both the United States and in Canada. CXI’s primary business channels to service customers are through its company-owned branch locations and foreign exchange partnerships with financial institutions and corporations. CXI has been providing global payment solutions for clients that span wide-ranging industries. As one of North America's leading foreign exchange wholesalers, CXI can provide personalized and efficient service, competitive rates, as well as a number of settlement options. To learn more, please visit: www.ceifx.com

Our Value Statement: We help our clients identify and create foreign exchange solutions, delivering a best practices approach through unparalleled customer service and integrated technology to create significant financial and operational efficiencies.

Our Values:

• Customer First - We earn the right to be our clients’ first choice.
• Integrity - We hold ourselves to the highest standard to build trust.
• Collaborative - We always win as a team.
• Innovative - We find new methods to deliver change and advance technology to the industry.
• Passionate - We are driven to be the best in class.

Currency Exchange International is looking for a Full-Time Security Engineer to join their team at the Corporate Office in Orlando, Florida.

Currency Exchange International is an Equal Opportunity Employer that does not discriminate on the basis of actual or perceived race, religion, color, sex (including pregnancy and gender identity), sexual orientation, parental status, national origin, age, disability, family medical history or genetic information, political affiliation, military service, any other non-merit based factor or any other characteristic protected by applicable federal, state or local laws. Our leadership team is dedicated to this policy with respect to recruitment, hiring, placement, promotion, transfer, training, compensation, benefits, employee activities and general treatment during employment. If you’d like more information about your EEO rights as an applicant under the law, please visit http://www1.eeoc.gov/employers/poster.cfm

The Security Engineer will lead the technical side of security operations, including developing ways to improve the company's security posture, identifying new security technologies, and ongoing monitoring of existing security systems.

Essential Functions

• Develop and maintain the security architecture and roadmap for the company's IT infrastructure, including Active Directory, Microsoft 365, AWS, Cloudflare, Web application firewalls, and next-gen firewalls.
• Implement and manage security tools and technologies to protect the company's systems and data, such as authentication systems, web filtering systems, endpoint detection and response systems, log management systems, intrusion detection/prevention systems, firewalls, and vulnerability scanners.
• Develop and execute an incident response playbook to respond to and mitigate security incidents.
• Develop and manage a vulnerability management program to identify and remediate vulnerabilities in the company's systems.
• Conduct security assessments and audits to identify potential security risks and recommend solutions to mitigate those risks.
• Monitor security systems for anomalous behavior and investigate potential security incidents.
• Stay up-to-date on the latest security threats, vulnerabilities, and technologies and recommend ways to enhance the company's security posture.
• Conduct penetration testing and vulnerability scanning on network and web applications to identify vulnerabilities and recommend mitigation strategies.
• Develop and implement security policies and procedures for network and web application security.
• Monitor network traffic and logs for security events and investigate potential security incidents related to network and web application security.
• Collaborate with developers to ensure that web applications are developed with security in mind, including secure coding practices, input validation, and access controls.

Other Duties

Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee. Duties, responsibilities and activities may change at any time with or without notice.

Requried Education and Experience: 

• At least 3 years of experience managing and configuring the security capabilities in Microsoft 365, AWS, Cloudflare, Web application firewalls, EDR platforms, log management platforms, and next-gen firewalls.
• At least 2 years of work experience with incident detection, incident response, and forensics.
• Proficiency in query languages, such as Splunk Processing Language, Kusto Query Language, Lucene, or others.
• Proficiency in scripting languages such as Python, C++, Bash, PowerShell, or others.
• Experience creating and executing an incident response playbook.
• Experience managing a vulnerability management program and related technologies.
• Experience with network and web application security, including penetration testing, vulnerability scanning, and secure coding practices.
• Strong understanding of security best practices and standards, such as NIST and ISO 27001.
• Strong understanding of the MITRE ATT&CK and D3FEND Frameworks, Cyber Kill Chain framework, the Diamond Model, the Pyramid of Pain, or other prominent frameworks.
• Familiarity with the concept, purpose, and application of Sigma, Yara, and Snort/Suricata rules.
• Strong problem-solving skills and the ability to work independently and as part of a team.
• Excellent communication and collaboration skills.
• Relevant security certifications, such as CISSP, CISM, or SANS GIAC, are a plus.

Our Competencies:

• Action Oriented: Invests time in upfront planning to achieve organizational goals and objectives while meeting quality standards, following the appropriate processes, and demonstrating continuous commitment.
• Effective Communication: Effectively and appropriately interacts with others to build relationships, influence others, and facilitate the sharing of ideas and information. Uses tact and diplomacy to navigate difficult situations. Relays key messages by creating a compelling story, targeted to specific audiences.
• Nimble Learning: Continuously seeks opportunities to learn, questions the applicability of past approaches in the current environment, owns growth, and embraces failure as a learning opportunity.
• Optimizing Work Processes: Employee knows the most effective and efficient processes to get things done, with a focus on continuous improvement.
• Situational Adaptability: Thrives and grows in a rapidly changing and complex environment. Displays flexibility, activates networks, and adopts a continuous growth mindset to learn from mistakes and bounce back from adversity.
• Functional/Technical Skills: Has the functional and technical knowledge and skills to do the job at a high level of accomplishment.

Position Type/Expected Hours of Work:

This position may require additional hours outside of normal business hours when circumstances demand.

Travel:
Travel is not expected at this time.

• Commuter Reimbursement - CXI will pay the toll, bus or metro cost in and out of work
• Vacation - 2 weeks of paid vacation
• Sick/Personal Days - 1 week of paid sick/personal time off
• Health/Dental/Vision - CXI pays 60% of the Health/Dental/Vision Insurance premiums
• Short and Long-Term Disability - Plan premiums are fully covered by CXI
• 401K Plan - Eligible to enroll in this plan after 1 year of employment, CXI matched up to 5%