Information Systems Security Engineer

Overview: The Information Security Engineer will plan, implement, upgrade, and monitor security protocols for the protection of the organization’s computer networks and information. The ideal candidate will have a passion for information security, a positive attitude, and a continuous desire to learn. Responsibilities: Identify threats, vulnerabilities, risks, and control gaps across the enterprise Configure, manage, and operate various security technologies (SIEM, EDR, IDS/IPS, PAM, DLP, NGFW, WAF, GRC, M365, Azure, AWS, etc.) Recommend, design, and deploy new security solutions and processes Remediation of critical vulnerabilities Collaborate with business and technology stakeholders to design effective security controls Review security alerts and investigate potential threats Conduct investigations with a high degree of professionalism and confidentiality Conduct incident response for security events with cross functional teams Serve as a trusted advisor to peers and leadership Stay current on industry trends and emerging threats Develop and implement plans to safeguard digital data from accidental or unauthorized modification, destruction, or disclosure; adheres to emergency data processing needs. Review violations of security procedures; provides training to ensure violations do not recur. Perform risk assessments, audits, and tests to ensure proper functioning of data processing activities and security measures. Safeguards system security and improves overall server and network efficiency by training users and promoting security awareness. Perform other related duties as assigned. Qualifications: 3-5 years of experience in at least three (3) of the following domains: Network security, Cloud security, Web application security, Data security, Threat management, and Incident response Demonstrated problem-solving and analytical skills. Working knowledge of risk management principles and methodologies Proficient, or able to gain proficiency with, a broad array of security software applications and tools. Thorough understanding of computer-related security systems including firewalls, encryption, and password protection and authentication. Proficient in Microsoft Office Suite or related software. Excellent verbal and written communication skills. Organized with attention to detail. Knowledge of IT control frameworks (NIST CSF, ISO 27001, NIST 800-53, CIS v8, etc.) Industry certification(s) preferred (GSEC, Security, CEH, SSCP, CISA, CCSP, CISSP, etc.)

Related Post