Information Security Engineer
About The Position
The Information Security Engineer will participate in the planning, design, enforcement, and audit of security policies and procedures which safeguard the integrity of and access to enterprise systems, files, and data elements. This position will recognize and identify potential areas where existing data security policies and procedures require change and where new ones need to be developed, especially regarding future business expansion. This role will provide management with risk assessments and security briefings to advise them of critical issues that may affect customers, members, or corporate security objectives. This individual will participate in the evaluation of security products, services, and/or procedures to further enhance the security posture of the organization. The Information Security Engineer will work closely with other areas including Information Services Operations and Development to collaborate on security best practices. This role will foster an environment of heightened security through presenting at employee orientation, crafting organizational articles, and end-user education when required.
Requirements
- Bachelor’s degree in Information Systems or related field or equivalent work experience
- 5 years’ experience in a related field of work
- Knowledge of risk assessment tools, technologies, and methods
- Knowledge of security tools such as endpoint detection and response, monitoring of internet traffic for both onsite & remote users, and intrusion prevention
- Knowledge of database (MSSQL/MongoDB/MySQL)
- Knowledge of IDS/IPS, penetration, and vulnerability testing
- Knowledge of firewall and intrusion detection/prevention protocols
- Ability to function in a system administration role supporting multiple platforms and applications (Windows, UNIX, Linux OS, etc.)
- Ability to plan, research, and develop security policies, standards, and procedures
- Ability to communicate network security issues to peers and management
- Ability to read and use the results of mobile code, malicious code, and anti-virus software
Nice To Haves
- CISSP or CISM
- Knowledge of disaster recovery, computer forensic tools, technologies, and methods
- Strong understanding of software development frameworks and code review
- Knowledge of virtualization technology
Responsibilities
- Aid in the development of security plans and policies.
- Recommend and implement protections.
- Assist in vulnerability assessment and reparation.
- Using organizational tools, monitor for threat intelligence.
- Research weaknesses and find ways to counter them.
- Monitor for and investigate any security breaches.
- Participate in the vetting of 3rd party vendors and Business Associates.
- Perform enterprise risk assessments.
Benefits
- Comprehensive Health, Vision, and Dental Coverage
- 401(k) Savings Plan with company match and immediate vesting
- Paid Time Off (PTO)
- 9 Paid Holidays annually plus a Floating Holiday to use as you choose
- Tuition Assistance
- Flexible Spending Accounts
- Healthcare Reimbursement Account
- Paid Parental Leave
- Community Service Time Off
- Life Insurance and Disability Coverage
- Employee Wellness Program
- Training and Development Programs to develop new skills and reach career goals
- Employee Assistance Program
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
