Job Summary The Information Security Engineer utilizes advanced knowledge of architecture in order to design, develop, and implement network security tools and infrastructure related to Active Directory monitoring, intrusion prevention systems, security information and event management and vulnerability management systems. Applies advanced network security expertise to troubleshoot and debug network access issues, security tool problems, and security events. Provides guidance and recommendations related to IT Security policies and controls.
Job Responsibilities:
Evaluates the quality of network security controls and procedures.
Investigates security breaches to identify vulnerabilities and evaluate the damage.
Leads coordination of the documentation of network security processes and procedures.
Leads the coordination of the monitoring of networks or systems for security breaches or intrusions.
Leads the coordination of vulnerability assessments or analysis of network security systems.
Develops network security standards and best practices.
Develops or implements software tools to assist in the detection, prevention, and analysis of security events.
Develops response and recovery strategies for security breaches.
Develops disaster recovery procedures for network security tools.
Identifies or implements solutions to network security problems.
Responds to security system weaknesses identified through penetration tests.
Oversees development of plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure or to meet emergency data processing needs.
Manages network security tools specifically intrusion prevention systems, SIEM, vulnerability detection and management systems, Active Directory management and auditing tools, identity management systems, multi-factor authentication systems.
Job Requirements :
Bachelor's Degree in Computer Science, Information Systems, or other related field required.
Professional certification (e.g., CISA, CISSP or equivalent) preferred.
Other technical certifications such as CISCO and/or Microsoft preferred or equivalent work experience.
Five (5) to eight (8) years of combined IT and security work experience with a broad exposure to infrastructure/network and multi-platform environments.
Experience with addressing security issues, techniques and implications across all existing computer platforms.
Experience with the following technologies: SEIM (LogRhythm), and vulnerability management (Rapid7).
Experience with one or more of the following technologies preferred: Nexpose; Trend IPS; Varonis; Microsoft Active Directory; HCL AppScan; RSA SecurID; RSA Prime;
Experience working in a team-oriented, collaborative environment.
Technical expertise in systems administration and security tools, combined with the knowledge of security practices and procedures. Knowledge of IP, TCP/IP, and other network administration protocols, including their vulnerabilities and solutions.
Technical knowledge of network operating systems (e.g., Unix, Linux, Active Directory, etc).
High level of analytical and problem-solving abilities.
Excellent interpersonal, written and oral communication skills.
Highly self-motivated and directed.
Strong organizational skills and excellent attention to detail.
Ability to conduct research into security issues and products as required.
Ability to prioritize and execute tasks in a high-pressure environment.
