Information Security Engineer

Gulf Coast Automation Group•Schaumburg, IL

14h•$110,000 - $158,000•Hybrid

About The Position

TalentFish is casting a line for an Information Security Engineer . This is a full-time role that is hybrid in Schaumburg, IL. The purpose of this position is to ensure the continuous improvement, implementation, management, and enhancement of the organization's managed security platform tools and overall information security posture. This individual will play a key role in protecting systems, data, and infrastructure from cyber threats while cultivating a culture of security awareness and proactive risk mitigation.

Requirements

Bachelor's degree in Computer Science or related field.
5+ years of experience in information security or equivalent experience managing various aspects of security such as identity management, firewalls, security awareness SaaS platforms, and working with managed security providers (SIEM/firewall support).
Experience translating penetration test results and security assessment recommendations into actionable implementation plans.
Strong understanding of firewalls, proxies, SIEM, antivirus, and IDPS concepts.
Ability to identify and mitigate network vulnerabilities and communicate how to avoid them.
Knowledge of patch management and the ability to deploy patches in a timely manner while balancing business impact.

Nice To Haves

Preferred certifications include GCIH, Cloud Security certifications, MDR Certifications with vendors, or any GIAC Certification.
Experience deploying and supporting zero-trust network access products.

Responsibilities

Continuously improve, implement, manage, and enhance managed security platform tools (both in-house and managed security services).
Install security measures and operate software to protect systems and information infrastructure, including firewalls and data encryption programs.
Review and respond to daily data from email security SaaS platforms, cloud-based systems, and end-point protection platforms for potential security incidents.
Prioritize, resolve, and mitigate known and reported vulnerabilities to maintain a high-security standard.
Develop and implement company-wide best practices for IT security and risk mitigation.
Build and maintain a global security awareness and training program.
Implement, maintain, and monitor controls aligned with common security frameworks.
Partner with external vendors to routinely test internal and external vulnerabilities.
Train IT staff on secure infrastructure and DevOps best practices.
Build security workflows for secure code deployment and validation of existing code.
Research and recommend security enhancements and stay up to date with emerging technologies and compliance requirements.
Maintain patch management of servers, PCs, etc., and provide compliance reporting on a routine basis.
Participate in ensuring a safe and compliant workplace environment.
Perform other duties as assigned by management.