Sr Security Engineer

About The Position

Requirements

• Bachelor’s degree in Computer Science, Computer Information Systems, Business Information Systems, Engineering, Information Security, or related discipline or equivalent work experience and technical training is required.
• Industry certifications, including one or more of the following: CISSP, CISA, CISM, SANS GIAC, or other industry specific certification.
• Minimum 5 years of experience in Information Security.
• 6+ years of experience in IT with a broad range of exposure to business planning, systems analysis, security solutions, application development and infrastructure support.
• Experience in IT must include exposure to systems analysis, security solutions and application development, and infrastructure support.
• Familiarity with information security standards, including NIST, COBIT, ISO 27001, ITIL.
• Experience in data administration and security methods plus experience in various database design techniques.
• Working knowledge of RDBMS technology and dial in access control systems.
• Familiarity with multi-platform environments and their operational/security considerations.
• Experience as an IT auditor is highly valuable.
• Demonstrates competency in strategic thinking with abilities in relationship management.
• Successfully developed and implemented new technology.
• Demonstrates competency in project management in a cross functional environment and experience in managing resources to meet goals on multiple projects.
• Demonstrates competency in developing effective solutions to diverse and complex business problems.
• Ability to relate business requirements and risks to technology implementation for security related issues.
• Broad knowledge and prior work experience with risk assessment procedures, policy formation, role based authorization methodologies, authentication technologies and security attack pathologies.
• Superior technical proficiency in security related hardware and software.
• Ability to function as a consultant to other IT groups on security matters as a recognized technical expert.
• Ability to effectively adapt to rapidly changing technology and apply it to business needs.
• Strong knowledge and understanding of business needs with the ability to establish and maintain a high level of customer trust and confidence in the security team's concern for customers.
• Proven ability to work under pressure in emergencies.
• Flexibility to handle pressure coming from all directions simultaneously.
• Strong analytical and problem solving skills.
• Strong customer focus and ability to manage client expectations.
• Confidence and leadership as a project lead or team member of project teams in a cross functional environment.
• Excellent oral and written communication skills.
• Ability to present and discuss technical information in a way that establishes rapport, persuades others, and gains understanding.
• Solid project management skills, especially in a cross functional environment.
• Strong team oriented interpersonal skills.
• Ability to effectively interface with a wide variety of people.
• Effectiveness in all aspects of the core business skills: analysis, communication, writing, and negotiation.

Nice To Haves

• Master's degree is preferred.

Responsibilities

• Serves as primary driver to identify securable resources and mentor/assist business staff in selecting appropriate resource owners.
• Works with resource owners in business organizations to determine appropriate security policies for securable resources.
• Consults with IT technical services staff to evaluate, select, install and configure hardware and software systems that provide appropriate security functions.
• Mentors, leads or assists resource owners and IT staff in understanding and responding to security audit failures reported by internal and external auditing departments.
• Determines processes and oversees review of operation logs and event console activity to determine cause of security-related events or to identify potential security related events.
• Advises security administration staff on normal and exception processing of security authorization requests.
• Determine appropriate level of documentation.
• Documents security policies and maintains resource classification scheme.
• May be required on occasion to present information on security status, project status and security training to audiences from management to field staff as appropriate.
• Proactively protects the integrity, confidentiality and availability of information in the custody of or processed by the company by: responding in a timely manner to a loss or misuse of information assets; leading and participating in investigations of suspected information security misuse or in compliance reviews as requested by auditors; communicating unresolved security exposures, misuse or noncompliance situations to management.
• Consults with IT management to ensure selection and use of realistic enforcement mechanisms.
• Oversees review of security policies and resource classification scheme; keeps management informed of project status.
• Provides technical expertise and guides the administration of security tools that control and monitor information security, including: updating access control tables; setting up user logon ids and assigning/resetting passwords; designing computer system access reports to identify possible security violations.
• Researches, defines, develops and maintains effective disaster recovery plans, processes and procedures necessary to recover services in the event of a declared disaster.
• Provides direction and in house consulting in these areas.
• Researches, evaluates, designs, tests, recommends and plans implementation of new or improved information security software or devices.
• Analyzes new software applications or tool implementations for implications to existing security software and devices.
• Defines curriculum and trains information owners in the implementation of necessary computer security controls or new/upgraded security software and devices.
• Develops and implements information security educational programs, conducting awareness seminars and workshops as appropriate.
• Maintains technical reference library.
• Develops technical information materials and workshops on these new areas for IT as appropriate.
• May perform other duties as assigned or required.

Benefits

• Weekly pay
• Scheduling flexibility
• Paid parental leave
• Paid education assistance
• Team member discount
• Development programs for advancement and career growth