Information Security Engineer II

About The Position

Requirements

• Hold a bachelor’s degree in computer science, Information Technology, or an engineering-related field, or possess equivalent experience
• Minimum of 3 years’ background working in an IT Security capacity
• Knowledge of information security policy design
• Proficiency in data loss prevention tools and techniques
• Ability to conduct, interpret, and report on data loss prevention configuration alerts
• Familiarity with vulnerability and penetration testing tools and techniques
• Proficiency in conducting, interpreting, and reporting on vulnerability and penetration tests
• Experience participating in security audits
• Skill in monitoring for security events, evaluating, and responding where appropriate
• Minimum Required: CompTIA Security+
• Produce and maintain documentation and evidence with diligence
• Working knowledge of ISO, NIST, and other information security standards, laws, and regulations
• Strong analytical skills
• Take initiative and demonstrate comfort with self-directed learning on industry risks and changes
• Perform risk analysis and provide recommendations to mitigate risk
• Communicate effectively in writing and verbally
• Speak confidently when dealing with internal constituents
• Identify problems, review related information, develop and evaluate options, and implement solutions
• Build domain knowledge of our environment to understand long-term risk areas that may develop as systems evolve
• Incorporate industry security standards into practical security operations, network operations, and application development practices
• Familiarity with Privileged Access Management (PAM) tools and concepts
• Knowledge of computer networking concepts and protocols, and network security
• Working knowledge of the Agile Framework

Nice To Haves

• Additionally Preferred: CISSP, Microsoft Security Certifications (SC‑200 – Security Operations Analyst Associate), CCSP, CCNA, and CCNP: Security

Responsibilities

• Monitor areas of responsibility to prevent, detect, and investigate security alerts
• Assist in reviewing and improving annual security initiatives and areas of focus
• Coordinate, facilitate, and maintain the schedule for access reviews
• Provide security guidance and troubleshoot security issues as required
• Manage and improve information security documentation as required
• Deliver appropriate and accurate metrics to management
• Participate as a key member of the Information Security team by supporting operational security initiatives and cross-functional risk reduction efforts
• Stay up to date on new information technologies and apply innovations to the company’s security standards and best practices
• Collaborate with team members and other business functions, business partners, management, vendors, and external parties for information gathering and best practice recommendations
• Conduct security reviews, evaluations, and risk assessments, and develop recommendations for improvements as appropriate