Engineer, Information Security Job Description
Engineer, Information Security Duties & Responsibilities
To write an effective engineer, information security job description, begin by listing detailed duties, responsibilities and expectations. We have included engineer, information security job description templates that you can modify and use.
Sample responsibilities for this position include:
Engineer, Information Security Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Engineer, Information Security
List any licenses or certifications required by the position: CISSP, GIAC, CISM, CISA, SANS, CEH, DAMI, CCNA, SSL, ISC2
Education for Engineer, Information Security
Typically a job would require a certain level of education.
Employers hiring for the engineer, information security job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Information Security, Engineering, Information Technology, Technical, Technology, Science, Management, Information Assurance, Computer
Skills for Engineer, Information Security
Desired skills for engineer, information security include:
Desired experience for engineer, information security includes:
Engineer, Information Security Examples
Engineer, Information Security Job Description
- Coordinate with Information Security Coordinators (ISCs) and oversee their activities
- Work upon long term initiatives web based IS trainings
- May lead projects and provide guidance/training to less experienced staff
- Ensure the integrity and protection of networks
- Analyze alerts develop new triggers and reporting on an ongoing basis
- Detect, investigate and recover from security incidents assisting with incident response plans
- Configuration management & automation
- Secure software development and threat modeling
- Logging & monitoring systems
- Coordinates response to security incidents
- Understanding of information security principles, security technologies and practices in an corporate environment
- Knowledge of industry standard security regulations, policies, and procedures for information systems
- Evidence of external presentation skills a plus
- Certifications like CISSP, CSSLP a plus
- Extreme passion for information security work
- Aptitude to quickly learn new environments and technologies
Engineer, Information Security Job Description
- Serves as an information security consultant to KPE and active participant in B2B client audits
- The role of the cyber security engineer demands technical skill, superior customer service and the ability to think, communicate and write at various levels
- As a member of the cyber security & engineering design team, this role will work with project managers and members of their project team to ensure security requirements are designed into projects
- Researches and advocates new technologies, architectures, and security products that will support security requirements for the enterprise and its customers, business partners and vendors
- Assess current and potential vendors (e.g., software, hosting environments) from a technical security and information risk management perspective
- Support operational security activities including oversight of ongoing divisional security processes (e.g., incident response, ad hoc queries, periodic access reviews, vulnerability management)
- Support the development and enforcement of Global information security policies and standards
- Assist and actively participate in your team’s plans to achieve their goals (this includes those that originate from IRM and the business)
- Be part of an active team who remains current on emerging risks and technologies, key developments and strategies for the businesses you support
- Working knowledge of security auditing tools like AppScan, Nessus, Burp Suite
- Four (4) or more years of experience with network and Security components, including firewall, intrusion detection/prevention systems, anti-malware products, forensics tools, data encryption, VPNs, vulnerability scanners, multiple operating systems (Windows, UNIX, Linux, ), and directory services (Active Directory, LDAP)
- Advanced knowledge of Windows 2008 R2 and 2012 R2 environments is desired
- Experience with writing security and IT-related documentation (e.g., white papers, procedures, technical specs, ), training peers, and presenting information to peers and leadership as required
- Minimum of one years experience executing formal review & reporting processes, e.g through pen testing, architecture reviews, incident investigation, etc
- Be strongly self-motivated with an aptitude for both individual and team-oriented work
- Experience with a wide selection of open source and commercial security tools
Engineer, Information Security Job Description
- Assist in completion of NetD statistical and trend data and operational event reporting when requested
- Maintain current knowledge on new vulnerabilities and exploits
- Track, document, and report all security related events including, but not limited to, Discharge of Classified Information and Cross Domain Violations IAW CENTCOM/AFCENT policy
- Coordinate and track Information Assurance Vulnerabilities Alerts (IAVA)
- Responsible for the development of end to end security monitoring and reporting
- Evaluate new and emerging threats against existing security controls
- Support lifecycle management of data security solutions to include technology roadmaps
- Contribute to the IT Strategies that impact data security solutions to include technology roadmaps
- Lead key conversations among internal and external stakeholders
- Maintain expertise in the data security domain to provide relevant solutions
- Requires extensive experience in network and information security with a proven track record of success
- Strong experience and detailed technical knowledge in security engineering, secure application development lifecycle processes, authentication and security protocols, and cryptography
- Active Top Secret clearance and the ability to obtain a TS/SCI with polygraph
- A bachelor's degree in a technical field is preferred but comparable accomplishments including work experience and IT certifications will be considered
- 8-10 years’ network security experience in a corporate data center environment
- Hands-on knowledge of Citrix administration tools and resources with experience administrating the direction, development, and implementation of Citrix applications
Engineer, Information Security Job Description
- Hands on experience configuring and managing security tools
- Prioritize information security risks and work with the business stakeholders on remediation projects
- Respond to security incidents and assist with investigations as directed by management
- Supports and assists other team members as required to reach the team and departmental goals
- Assist in evaluating new controls and technologies
- Building new scripts and tools to act as monitoring plugins using shell, or Python
- Provide sales enablement assistance in the Asia market
- Perform or reviews security incident investigations
- Evaluate implements and/or integrate security solutions
- Perform security reviews of projects and approve access requests to sensitive data and systems
- Experience with Linux/UNIX Windows servers, MS SQL
- Experience understanding protocols, such as, SSL/TLS, CIFS, HTTP/S, DHCP, SMTP, LDAP/S and DNS
- Experience with various security tools such as Retina, Nessus, FireEye, Snort, Nexpose, McAfee, Symantec, Carbon Black, BlueCoat, NMap, Metasploit
- The position requires individual initiative and ability to influence events, rather than passively accepting them, in order to achieve goals
- Advanced Degree with concentration in Information Security or Cyber Security preferred
- Minimum 2 years of past experience in implementing Information Security
Engineer, Information Security Job Description
- Maintain qualified validator status with Navy or other applicable DoN agency requirement
- Develop all A&A documentation in accordance with DoD policies and procedures to ensure that accreditation packages are complete and system compliance is met for Designated Accrediting Authority or Authorizing Official (AO)
- Validation Readiness Review (IAVRR) to determine if the system security is sufficiently mature to execute the IA certification test event
- Develop associated RMF IA Artifacts to include the System Security Plan, System Design and Architecture, Contingency Plan/COOP Plan, Incident Response Plan, Audit Design, Change Control Board, Identification and Authentication, Physical and Environmental, and Remote Access artifacts
- Assemble RMF Package (Scorecard, POA&M, RAR, certification documentation)
- Provide guidance and support related to IT Contingency Planning
- Perform security and privacy risk assessments on infrastructure components
- Design, evaluate tradeoffs, and implement security enhancements
- Provide customer support in solving all phases of complex INFOSEC - related technical problems
- Review and recommend INFOSEC solutions to customer problems based on an understanding of products/systems test results
- Hands-on experience designing, architecting and implementing various information security tools/products such as PKI, Next-Generation Firewalls, HSM’s, SIEM, Multi-Factor Authentication, IPS, NetFlow Monitoring, Full Packet Capture, Database Encryption, Privileged Identity Management
- Demonstrated experience with industry standard testing tools such as AppScan, Web Inspect, Burp Suite, Qualys, Nessus, Nmap, Metasploit
- Certification according to DoD Directive 8570.01-M for Information Assurance Technician Level 3 and Information Assurance Manager Level 2
- Active TS/SCI (minimum is TS & adjudicated SCI eligibility)
- Knowledge of requirements and methods to meet requirements delineated in the NIST 800-XX and ICD-503 (DCID 6/3) series of publications
- Experience in the identification, derivation, analysis, implementation, testing, deployment and management of cybersecurity requirements for collateral and multi-level classified information systems