Information Security Engineer

About The Position

Requirements

• Bachelor of Science in Computer Science or a related field or a minimum of 7 years comparable work/military experience
• Severn or more years’ work experience as a System Security Engineer or related position
• Proven experience developing, operating and maintaining security systems
• Extensive knowledge of operating system and database security
• Proficiency in networking technologies, network security and network monitoring solutions
• Knowledge of security systems including anti-virus applications, content filtering, firewalls, authentication systems and intrusion detection and notification systems
• In-depth knowledge of security protocols and principles
• Critical thinking skills and ability to solve complex problems
• Advanced level experience with scripting automation using Python, Bash & PowerShell
• Proven experience building security reference architecture for on premise, all-in cloud deployments, and hybrid scenarios
• Implementation experience with enterprise security solutions such as Endpoint Protection (DLP/Whitelisting/HIPS), WAF, IPS, Anti-DDOS, and SIEM/FIM.

Nice To Haves

• Security Certifications such as CISSP, CISM, CCNA-S, CISA, GIAC (preferred)

Responsibilities

• Lead design, development, and deployment of technical and application solutions to meet business requirements that are cost effective, sustainable and follow industry best practice. Deliver conceptual, logical, and physical solution specifications.
• Translate business requirements using complex methods and models to determine appropriate system solutions.
• Research, identify, test, certify, and select technology products required for solution delivery.
• Enhance security team accomplishments and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
• Determines security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues.
• Plans security systems by evaluating network and security technologies; developing requirements for local area networks (LANs), wide area networks (WANs), virtual private networks (VPNs), routers, firewalls, and related security and network devices; adhering to current industry standards.
• Verifies security systems by developing automation to implement test scripts.
• Upgrades security systems by monitoring security environment; identifying security gaps; evaluating and implementing enhancements and provide leadership in the threat and vulnerability assessment process.
• Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations and disseminating that information to applicable Information Security team members.
• Enhances department and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.
• Ongoing improvement and communication related to the corporate security incident response plan and lead team through incidents and act as first responder. The first responder must be able to communicate while under pressure and be able to direct a team to resolve the incident
• Develop Information Security Process and publish to applicable staff. Provide enforcement and training as needed. This will include partnering with software development architecture team to act as a threat modeling consultant.
• Communicate with other members of the security team to keep InfoSec management, IT management and senior leadership apprised of the risks and threat landscape. Offer recommendations on the best course of action to stay in line with budgets and resources
• Proactively engage across IT and the business to ensure an understanding of the importance of information security to protect data and technology assets
• Lead, investigate, document, and partner to resolve security issues through individual and team contributions
• All other duties as directed by management.

Benefits

• Employer-paid comprehensive medical, pharmacy, and dental for employees
• Vision insurance
• Zero co-payments for employed physician office visits
• Flexible Spending Account (FSA)
• Employer-Paid Life Insurance
• Employee Assistance Program (EAP)
• Behavioral Health Services
• 401k Retirement Savings Plan
• Income Protection Insurance
• Vacation Time
• Company celebrations
• Employee Assistance Program
• Employee Referral Bonus
• Tuition Reimbursement
• License Renewal CEU Cost Reimbursement Program for non-providers
• Business-casual working environment
• Sick days
• Paid holidays
• Mileage