Information Security Engineer - Cloud / Linux / Windows 50-75k
My client is seeking an Information Security Engineer to join its global security team. This position ensures the proper deployment, operation, and maintenance of security programs such as network vulnerability scanning, intrusion detection/prevention, file integrity monitoring, and incident response. The Information Security Engineer will identity, evaluate, and implement technical security controls to continuously improve the organizations security.
In addition, this position may be called upon to lead and manage special projects on an as needed basis.
- Continuously assess, measure, and monitor information technology risk by performing network and system vulnerability assessments
- Identify weak or missing controls and vulnerabilities
- Actively manage and drive security vulnerability remediation efforts across the organization
- SIEM deployment, tuning, and maintenance
- Alert analysis from IDS/IPS, HIDS, SIEMS, and FIM events
- Respond and investigate potential security incidents
- Collaborate with business owners, product managers, IT operations teams, and development teams, to provide subject matter expertise for information security matters
- Research and evaluate current or emerging security technologies to support cybersecurity initiatives
- Assist in analyzing technologies and defining security requirements
- Advises on security concerns and provides options and solutions
- Maintain compliance to security policies, standards, procedures
- Reviews configuration changes, critical systems, and infrastructure for possible security risks.
- Manage cybersecurity compliance activities and implement improvements where needed
- Measure performance indicators of program activities and effectively communicate status to stakeholders.
- Stay abreast of emerging threats, vulnerabilities, and be active in the security community
- Establish and maintain strong relationships with business units.
- Participate in special projects and other duties as required
- Self-starter with great written and verbal communications skills
- Strong problem solving and analytical skills
- Ability to work in a results oriented environment that presents strict deadlines and high expectations
- Ability to build and nurture strong relationships with teams
- Deep understanding of common security threats exploiting known vulnerabilities in IT infrastructure
- Must be able to learn and adapt quickly to ever changing requirements and priorities
- Knowledge of FFIEC and NIST relevant security standards and frameworks
- Excellent project management skills
- Professionally exercises discretion and independent judgement in day-to-day work
- Strong Linux and Windows-based systems administration skills
- Experience working with container technologies
- Technical expertise in cloud computing technologies (Azure/AWS/Etc.)
- Experience in cloud-based automation, integration, and deployment (DevOps)
- Scripting language experience (Python, PowerShell)
- Strong understanding of TCP/IP and protocol analysis
- BA or BS degree in Business, Computer Science, IT/MIS, or equivalent work experience required.
- Active industry recognized security certifications such as CISSP, CRISC, CISA, or RHCE is desired.