Security Engineer Job Description
Security Engineer Duties & Responsibilities
To write an effective security engineer job description, begin by listing detailed duties, responsibilities and expectations. We have included security engineer job description templates that you can modify and use.
Sample responsibilities for this position include:
Security Engineer Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Security Engineer
List any licenses or certifications required by the position: CISSP, PKI, GIAC, ITIL, CE, OSCP, CCNP, MCSE, CEH, GSEC
Education for Security Engineer
Typically a job would require a certain level of education.
Employers hiring for the security engineer job most commonly prefer that their future employee have a relevant degree, such as a Bachelor's and Master's Degree in Computer Science, Information Security, Engineering, Education, Technical, Computer Engineering, Information Systems, Information Technology, Technology, Electrical Engineering.
Skills for Security Engineer
Desired skills for security engineer include:
Desired experience for security engineer includes:
Security Engineer Examples
Security Engineer Job Description
- Provide Level 3 support for security incidents, investigations, running forensics tools and event documentation/reporting
- Documents support guidelines and procedures
- Utilize his/her technical (area of) expertise on fairly complex, high-priority projects and/or processes
- Based on documented procedures, perform moves, adds, and changes to Huron’s enterprise monitoring solution
- Educate developers, users and management on risks and best practices
- Function as lead engineer for several IT Risk projects
- Manage and maintain the Log Archiving (Splunk) platform
- Work with topics related to Cyber Security in support of State of South Carolina and Marine Corps customers
- Document the results of testing in standardized test artifacts
- Present the results of the data analysis through formal reporting – both written and verbal
- Enterprise-caliber security appliance / system configuration, deployment, and management experience ranging from firewalls & IPSs to SIEMs and proxies (and more!)
- Experience using commercial and open source security software such as Nmap, Nessus, Wireshark, Rapid7, WebInspect, Metasploit Framework, Ettercap, Burp Suite
- Significant experience with enterprise Linux-based architectures and security design
- A strong level of comfort with core Windows security principles and intricacies and the roles they play within an enterprise
- Strong general networking and security knowledge (Firewalls, Routing, DNS, NAT, packet trace and analysis)
- A bachelor’s degree in a technology, science or mathematics discipline is required for this position
Security Engineer Job Description
- Troubleshoots network access problems and implements network policies and procedures
- Investigate incidents and lead response efforts, while identifying methods to improve preparedness
- Perform product evaluation on security tools and services
- Work with application and system owners to follow logging policies and develop methods to feed relevant security data into SIEM systems
- Expand our security automation processes (enabling us to move faster, more securely)
- Work alongside operations and development teams to remediate all security findings
- Serve as the liaison to a central SOC for incident response and vulnerability remediation
- Supervise and assist in the adoption of corporate security policies, business risk register, and corrective action reports for ISO27001
- Participate in internal and external audit programs
- Pen testing and vulnerability assessments for products and IT assets
- Take a lead role in problem management and issue triage related to security technologies
- 4+ years of IT experience that encompasses a variety of roles
- Knowledge of passive security monitoring tools
- Penetration tools
- Certified Information Systems Security Professional (CISSP), current certification is strongly preferred
- Ability to obtain and maintain a Government security clearance of MBI
Security Engineer Job Description
- Develop methods and procedures to secure Web Application, SQL Database, and Microsoft Azure PaaS environment
- Develop methods and procedures to implement Role Based Access Control for a complex system
- Acts as a recognized technical expert in performing assessments of present levels of cyber security, defines acceptable levels of risk, trains all personnel in proper cyber posture and establishes formal maintenance procedures
- Develop methods and documentation to secure system interconnections
- Act as an escalation point for alerts generated by a SIEM and other related tools
- Assists in the evaluation of issue priority and provides front line response to various internal groups regarding product and solution support
- Coordinate and, in many cases, implement fixes (patches, configuration changes and so much more) for discovered issues
- Manage ongoing penetration testing efforts for our products, including in-team testing, targeted penetration testing and external penetration test by 3rd parties
- Track and guide for secure deployment
- Interact with auditors to maintain our SOC2 audit compliance
- Solid operational knowledge of common security technologies and advanced support and complex change configuration ability in at least one security platform
- Operational experience with multiple security platforms that can affect change management, security management, audit and control, encryption, etc.
- Administrative experience in multiple versions of operating systems such as Windows, Solaris, BSD, Linux, SCO, HPUX
- Solid scripting ability in Shell, Perl, Python, or another similar language
- Ability to follow documented daily procedures and policies
- Highly specialized in phases of software or infrastructure development, integration, or network engineering
Security Engineer Job Description
- Assess available technologies and processes and recommend solution options
- Planning, coordination, assistance and documentation of Security and rollout scenarios based on the current corporate standards
- Requires thorough knowledge of security practices, procedures, and capabilities in order to perform non-repetitive, analytical work
- Identifies potential vulnerabilities to cyber and information security using penetration testing and red teams
- Provides technologies for identification, modeling, and predictive analysis of cyber threats
- Worked as a part of a development team
- Week-long secondary on-call shifts approximately once every 2 months
- Develop and lead incident reports to closure, write summary and dashboard reports, and coordinate identification and resolution of issues with partners and management
- On / Off boarding of security devices to health platform
- Escalation point for security device based incidents
- Good knowledge of network security solutions, IDS/IPS systems, anti-malware solutions preferred
- Experience with Security Information and Event management (SIEM) solutions
- Experience with payments systems and compliance requirements
- Familiarity with vulnerability scanning, intrusion detection, anomaly detection and associated technologies
- Familiar with commercial and open source web penetration testing tools
- Familiar with endpoint protection technologies and products
Security Engineer Job Description
- Provide hands-on security architecture leadership to a team of technical subject matter experts and specialists throughout the entire development life cycle
- Experience with infrastructure and security tools for audit logging, netflow, syslog, auditing, endpoint protection and vulnerability assessments
- Optimize security infrastructure and security operations procedures
- In-depth knowledge and experience with RSA 2-factor authentication systems (AM7, tokens, smartcards)
- In-depth knowledge of IP traffic flow, protocol analysis, capturing and monitoring of live traffic streams
- Working knowledge of LAN and WAN configurations and how they interact
- Working with AWS teams to help identify areas where data can drive security improvements and where monitoring can be implemented to protect AWS and our customers
- Developing highly accurate identification of anomalous and potentially malicious behavior by leveraging pattern detection over large datasets
- Splunk administration and development
- Developing and maintaining new platforms, services, and scripts using Ruby, Java, or Python to make sense of piles and piles of data
- Linux/Unix, Splunk, Kali Linux, Metasploit, Rapid7; a programming language (Java, JavaScript, Python) is a plus
- Bachelor's degree in Information Security field
- Bachelor's degree in Computer Science, Electrical Engineering or equivalent work experience in related security industry
- Must be able to communicate across all levels of the organization, from non-tech end user community to c-suite audiences
- Expertise in Windows, Mac and/or Linux administration skills
- Solid knowledge or expertise with Enterprise infrastructure components - DNS, AD, Radius, Kerberos, PKI Management and systems monitoring