Information Security Engineer

About The Position

Requirements

• Knowledge of information security priciples and technologies.
• Knowledge of policy frameworks and regulations (NIST, SOC2, FTC Safeguards, etc.).
• Experience with incident response concepts and the facilitation of investigations.
• Fundamental understanding of operating systems, systems monitoring, systems logging, networks, databases, and cloud resources.
• Experience with security tools and technologies (firewalls, antivirus, SIEM, EDR, DLP, etc.).
• Strong oral and written communication skills, excellent organization skills, and exceptional attention to detail.
• Ability to communicate confidently with individuals at all levels of the organization.
• Excellent analytical, critical thinking, and problem-solving abilities.
• Ability to work effectively, independently and within a team environment.
• On-time regular attendance.
• Bachelor’s degree in a technology related field or an equivalent combination of education and experience
• 3-5 years’ experience in an Information Security or related IT function

Nice To Haves

• Familiarity with secure software development lifecycle is a plus.
• Relevant industry recognized certifications are a plus (CISSP, CISM, Security+, etc).

Responsibilities

• Ensure adherence to compliance requirements and standards (NIST, SOC2, FTC Safeguards, etc.).
• Identify, define and document system security requirements and recommend solutions to management.
• Oversee employee awareness training program including phishing campaigns and reporting.
• Investigate security incidents, coordinate responses, and minimize impact.
• Identify weaknesses, assess risks, and prioritize remediation.
• Participate in internal and external security audits and assessments.
• Collaborate with technology teams to develop and document secure configurations, patch management procedures, and other relevant configurations that aid in maintaining a secure environment.
• Contribute to disaster recovery and information security response tabletop exercises.
• Champion, support, and contribute to creation and maintenance of information security and data privacy policies, standards, and procedures.
• Facilitate completion of security due diligence questionnaires and vendor risk assessments.
• Evaluate and recommend new security related solutions and technologies.
• Perform other duties as assigned.

Benefits

• Full Medical/Vision/Dental Benefits
• 401K with Company Match
• Flexible Hybrid or Remote Schedule
• 15 Days PTO
• Paid Holidays
• An Unmatched Company Culture
• On-Site Gym & Gym Membership Reimbursement
• Monthly, Quarterly and Annual Bonuses
• Employee Referral Bonuses
• Public Transportation Discounts
• Company Happy Hours
• Business Casual Dress Code