Security Engineer Information Security Job Description
Security Engineer Information Security Duties & Responsibilities
To write an effective security engineer information security job description, begin by listing detailed duties, responsibilities and expectations. We have included security engineer information security job description templates that you can modify and use.
Sample responsibilities for this position include:
Security Engineer Information Security Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Security Engineer Information Security
List any licenses or certifications required by the position: CISSP, GIAC, CISM, CISA, SANS, CEH, DAMI, CCNA, SSL, ISC2
Education for Security Engineer Information Security
Typically a job would require a certain level of education.
Employers hiring for the security engineer information security job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Collage Degree in Computer Science, Engineering, Information Security, Information Technology, Technical, Technology, Science, Management, Information Systems, Computer
Skills for Security Engineer Information Security
Desired skills for security engineer information security include:
Desired experience for security engineer information security includes:
Security Engineer Information Security Examples
Security Engineer Information Security Job Description
- Executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems
- Monitors systems to ensure adherence to security policies
- Assist in the production and tracking of metrics for the effectiveness and maturity of security processes
- Works all tickets initially assigned to security operations
- Work closely with all operational teams to assign ownership of events
- Work closely with CSIRT to escalate critical events
- Support maintenance and operation of monitoring tools
- Provide support for multiple backoffice information security products
- Configuration and administration of interanal security team specific solutions
- Able to work in a 24x7 shift environment
- CISSP Penetration Testing Certification preferred (GPEN, GWAPT, OSCP, CEH)
- Understanding of wireless networking and associated security protocols
- Outstanding team player but can work independently when required
- Bachelor's degree in related technical field and 8 to 12 years’ experience in a technical capacity
- Foundational knowledge of network engineering concepts and protocols a must
- Advanced knowledge of Linux operating systems is desired
Security Engineer Information Security Job Description
- Conducting DoD security lockdowns utilizing a variety of system scan tools
- Be a champion for security to the business units
- Collaborate with IT and business/product teams to design or validate architectures to host services in cloud environments
- Work with corporate IT teams to secure SaaS services providing internal productivity resources
- Insure security designs and principles can be properly operationalized and handed over appropriate support teams
- Develop security standards and processes that can be deployed and managed in an automated fashion for the various projects assigned
- Linux Administration experience and scripting with bash from the command line
- Security hardening and understanding of virtual networks
- Cloud Security – AWS, MS Azure, or proprietary cloud
- Provides security and risk management services by performing risk identification, assessment, and remediation regulatory and internal compliance monitoring using standards and processes as required to adequately protect personnel, facilities, infrastructure, information, and business operations
- Experience in Incident Response and Incident Management procedures
- BS degree in Computer Science or related field a plus
- Minimum of X year experience in an information technology or security discipline
- Certification in CCRI review areas within 6 months of start date
- Bachelors Degree in Computer science/systems, Information systems/technology is required
- 5+ years of experience with network engineering to program development, modeling, or simulation applied to DoD or information technology systems, configuring firewalls and switches, applying Security Technical Implementation Guides (STIGs), or administering systems running HP-UX, UNIX, Solaris, Linux, and Microsoft Windows
Security Engineer Information Security Job Description
- Develop technical solutions and new security tools to help mitigate data security vulnerabilities and automate repeatable tasks
- Support in the development of security policies, standards and plans to ensure the protection of corporate data against unauthorized use, access, modification and destruction
- Support others in performing forensic analysis and risk assessments for the entire infrastructure
- Provide support in researching emerging technologies for the continuous improvement of IT security
- Support incident response activities, ensuring security incidents are properly identified, contained, eradicated, and recovered from
- Triage, prioritize, document and mitigate security alerts generated by the various network defense tools
- Assist in remediation and/or mitigation efforts for all vulnerabilities in the environment, ensuring appropriate response to high risk and aged findings
- Minimum 5 years’ experience in Information Security
- In-depth knowledge of Role Base Security models and implementations in diverse technical environments
- Previous professional experience with enterprise SIEM
- Experience in the financial services environment is ideal
- On rare occasion, lift/carry/push/pull objects that weigh 21-40 pounds
- Experience designing, implementing, and managing a SIEM environment (Arcsight, Splunk)
- One to two years’ experience facilitating penetration testing
- Familiarity and maintenance activities of ISO 27001 and HIPAA compliance
- Experience in IT security certifications (CIPP
Security Engineer Information Security Job Description
- Perform risk assessments, which involves analysing risks, identifying and articulating the impact to the business and implementing mitigating controls
- Work as part of a multi-disciplinary team (including development, monitoring and infrastructure) to ensure that security requirements are designed from the start of new projects
- Lead the development and implementation of security programs, standards, policies, and procedures
- Review and Assess technology infrastructure to identify key risks and ensure controls are adequately implemented to properly address said risks
- Report on status of security operations and performance
- Partner with project, IT, and business teams to properly identify and implement security controls that both secure our systems, and meet the business needs
- Apply patches where appropriate and, at the direction of the Assistant Vice President, IT Risk, remove or otherwise mitigate known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards
- Provide implementation and support of global enterprise LAN, WAN and Wireless LAN infrastructure as needed
- Assist network engineers in current active network project and operational network activities as needed
- Ensure situational awareness during security incidents
- Network topologies (WAN/LAN, protocols)
- DLP, HIPS, File Integrity
- Experience with the Technology Protection Plan
- 3+ years of experience in Identity & Access Management or Cyber Security combined with IT engineering or application development
- Strong mindset and skillset of engineering, and integration
- Strong experience in access review and database skills
Security Engineer Information Security Job Description
- Ensure INFOSEC solutions are fully compatible with or engineered into the customer’s network design
- Review and update Information Security documentation, POAM, Scans, STIGs, SSAA, SRTM
- Implementation and operation of the system or component of government customers’ information systems
- Ensuring all information systems are functional and secure in operations and poly knowledge of IA policy, procedures and structure to develop, implement, and maintain a secure information system
- Describe, test and validate security measures active on security infrastructure devices for the protection of computer systems, networks and information system
- Identify and define system security requirements and correlates/documents them by analysis of organizational standard security operating procedures (SOP) and protocols
- Determine security violations and inefficiencies through security tests, evaluations and audits
- Recommend improvements by assessing current security implementations and anticipating new security requirements
- Maintain system security by implementing and maintaining security controls
- Nexpose scans of pre-deployment servers
- Experience in the maturation of Cybersecurity architectures that successfully integrate the multiple Cybersecurity domains to include access control
- Demonstrated verbal and written communication skills strong organizational and time management abilities
- Assessment Solution (ACAS) security suite, IBM QRadar, and GFI EventsManager ) including vulnerability assessment, patch management, audit collection, audit review, audit management, and end point protection
- 2+ years of demonstrable information security and compliance experience
- Knowledge of industry standard frameworks and suitable controls (such as ISO 27001, FISMA, IRS 1075, NIST 800-53)
- Ability to manage and execute complex technical projects