Engineer III - Information Security

About The Position

Requirements

• Bachelor’s Degree in Computer Science, Information Technology or any other related discipline or equivalent related experience.
• 4+ years of directly-related or relevant experience, preferably in information security.
• Network Solutions and Systems
• Cybersecurity
• Data Security
• Cloud Security
• IT Risk Management
• Root Cause Analysis
• Information Security Strategy Standards (SOX, ISO 27001/27002, COBIT, ITIL, NIST, PCI)
• Application Architecture
• Threat Intelligence and Monitoring
• Microsoft Office Suite
• Programming and Development Languages - JavaScript, HTML/CSS, Python, SQL
• Security Tools - SIEM, EDR, Email Security Gateway, SOAR, Firewall, Anti-virus, Firewalls, VPN IDS/IPS, AV, proxies, etc.

Nice To Haves

• Azure Security Engineer Certification
• Certified Cloud Security Professional (CCSP)
• Certification in Information Security Strategy Management (CISM)
• Certified Information Systems Security Professional (CISSP)
• CompTIA Security + Certification
• Systems Security Certified Practitioner (SSCP)

Responsibilities

• Conducts proactive research to analyze security weaknesses and recommends appropriate strategies to strengthen controls
• Assists on security initiatives/issues for one or more Information Security Strategy/Cybersecurity functional areas (e.g., Cyber Operations, Incident Response, Threat Intelligence, Threat Hunting, Forensics, Vulnerability Management, Data Analytics)
• Assists in the development, refinement, and implementation of enterprise-wide security policies and procedures and ensures they meet compliance responsibilities
• Reviews technical/functional design documents, build, maintain and implement cybersecurity, data security, and cloud security solutions
• Works on multiple projects as a key contributor and contributes to the strategic and tactical direction and consultation on cybersecurity initiatives
• Interfaces with business and IT leaders communicating security issues and responding to requests for assistance and information
• Supports Engineers I/II in conducting manual and automated penetration testing, vulnerability, and other security tests on software applications and assists in secure code reviews, and remediating identified programming flaws
• Provides security briefings to advise on critical issues that may affect the enterprise
• Gathers and analyzes reporting, metrics, and key performance indicators for executive review
• Work closely with the Lead Engineer in maintaining service-level agreements (SLAs) to ensure that security controls are upheld
• Guides, coaches, and mentors Engineers I/II in executing their tasks
• Works with information security and line of business management to identify, formulate and implement information security solutions and controls and to maintain and configure security tooling
• Coordinates with systems and network engineers to ensure servers and network devices conform to security standards and that security devices and controls are working as designed
• Engineers security controls to protect data and systems and provide security policy guidance and consultation
• Collaborates with other IT teams to focus on improving cloud and application security measures and integrate new and support existing security applications
• Communicates advanced information security concepts with clients, peers, and all levels of management and vendors effectively

Benefits

• Equal employment opportunity
• Reasonable accommodations for individuals with disabilities