Information Security Engineer I

About The Position

Requirements

• Bachelor's degree in Information Security, Computer Science, or a related field preferred.
• Equivalent combination of education and experience required.
• 4+ years of experience in information security or a related role required.
• Detailed knowledge of security protocols, cryptography, and security technologies required.
• Expertise with security tools such as firewalls, IDS/IPS, SIEM, and vulnerability scanners required.
• Demonstrate knowledge and expertise of risk assessment tools, techniques and methods including development of procedures and incident response plans required.
• Demonstrated knowledge of regulatory requirements and industry standards.
• Demonstrated competency securing technical systems and platforms required.
• Demonstrated effective collaboration across the organization and ability to effectively communicate network security issues to peers and management required.
• Strong problem-solving skills and the ability to work under pressure required.

Nice To Haves

• 2+ years experience in a Financial Services preferred.
• Security + preferred.
• Network + preferred.
• PCIP preferred.
• CISSP preferred.
• CEH- Certified Ethical Hacker preferred.

Responsibilities

• Security Engineering and System Enhancements:
• Research and deploy advanced security technologies including identity and access management, email hygiene, vulnerability management, SIEM detection rules, or multi-factor authentication
• Design and implement security systems to detect and defend against modern attacks.
• Collaborate with architecture and operations teams to design network and application defenses.
• Develop security product roadmaps for advancing Information Security Program capabilities
• Identity and Access Management Engineering:
• Leveraging cloud and on-premise technologies such as MFA, Entra, and Active Directory, develop solutions for improving authentication security while reducing user impact.
• Threat and Vulnerability Engineering
• Evaluate current vulnerability management program and develop improvements in detection and analysis.
• Develop and maintain intrusion detection systems (IDS) and intrusion prevention systems (IPS).
• Scan and monitor networks to identify possible vulnerabilities and intrusions and build tools and strategies to resolve possible causes of security threats.
• Network Security Engineering
• Evaluate current network design and configuration standards and recommend architectural changes to reduce risk and increase visibility.
• Develop and maintain intrusion detection systems (IDS) and intrusion prevention systems (IPS).
• Scan and monitor networks to identify possible vulnerabilities and intrusions and build tools and strategies to resolve possible causes of security threats
• Endpoint Security
• Design, implement, and maintain endpoint security tools to control applications, manage firewall data flows, and log aggregation, and malware detection and defenses.
• Documentation and Reporting
• Maintain detailed documentation of security configurations, incidents, and actions taken.
• Prepare regular reports on security metrics, incidents, and compliance status for management review.
• Perform on-going security reviews and audits to validate, troubleshoot and improve applications' security. Partner with internal and external auditors as well as federal regulators and department management with information security governance and compliance activity investigations.