Information Security Engineer I

About The Position

Requirements

• Bachelor’s degree (B.S.) in Information Security, Computer Science or a similar field and three (3) years of enterprise IT experience OR any equivalent combination of education and experience in lieu of degree.
• In-depth understanding of Microsoft operating systems and Active Directory, including Windows 10, Windows Server, and Group Policy.
• Experience with log aggregation software, specifically Security Information and Event Management (SIEM) software.
• Proficient general networking knowledge with layers 1-4 of the OSI model.
• Experience managing and monitoring firewalls.
• Knowledgeable with NIST Cybersecurity Framework and CIS benchmarks.
• Experience responding to anti-virus alerts and understanding when to escalate security events.
• Experience working with email security gateways and understanding of email flow.
• Proficient knowledge of security industry best practices and how to identify them within technical reviews of software and/or datacenter controls.

Nice To Haves

• Certified Ethical Hacker (CEH).
• CompTIA A+, Security+ and/or Network+.
• Certified Information Systems Security Professional (CISSP).
• Cisco Certified Network Associate (CCNA).
• GIAC Certified Incident Handler (GCIH).
• GIAC Certified Intrusion Analyst (GCIA).
• GIAC Certified Security Essentials (GSEC).
• Palo Alto Certified Network Security Engineer (PCNSE).

Responsibilities

• Performs daily system administrative tasks on security systems to ensure that our security systems are operational and high performing.
• Monitors and develops log aggregation and correlation software for first response, prioritization, and escalation of security threats. This involves building and developing new techniques for catching malicious behavior on our network.
• Executes phishing campaigns for the organization which includes system operations of phishing tools and assists with organizational security awareness training.
• Assists with the vulnerability management program by communicating new security threats to the appropriate work teams and then validating the remediation process.
• First responder for information security incident handling which includes identifying and triaging security incidents according to the incident response plan.
• Improves and maintains security documentation including data flow diagrams, network topology and security benchmarks for a variety of systems.
• Maintains and responds to alerts from our anti-virus software suite.
• Supports mail flow on our email security gateway including analysis of quarantined email and configuration of our data loss prevention controls.
• Assists with the maintenance and monitoring of our internal, external, and virtual firewall environment.
• Engages in organizational projects to ensure that security standards are implemented successfully.
• Executes technical security reviews of new and existing software vendors.
• Participates and assists and with the gathering of documentation for our 3rd party audits and regulatory audits.
• Completes documentation for workplans and changes on our security systems which include participation in the Change Advisory Board.
• Troubleshoots issues with remote connectivity for all employees and 3rd party vendors.
• Builds and troubleshoots IPsec VPN tunnels between 3rd party vendors including building appropriate firewall rules to maintain our existing security posture.
• Performs other job-related duties as assigned.