Information Security Engineer, Senior Job Description
Information Security Engineer, Senior Duties & Responsibilities
To write an effective information security engineer, senior job description, begin by listing detailed duties, responsibilities and expectations. We have included information security engineer, senior job description templates that you can modify and use.
Sample responsibilities for this position include:
Information Security Engineer, Senior Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Information Security Engineer, Senior
List any licenses or certifications required by the position: CISSP, GIAC, CISA, CCSP, CEH, SSL, CASP, CISM, SANS, PNSE
Education for Information Security Engineer, Senior
Typically a job would require a certain level of education.
Employers hiring for the information security engineer, senior job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Primary Degree in Engineering, Technical, Science, Computer Science, Information Security, Information Technology, Technology, Management, Computer, Information Assurance
Skills for Information Security Engineer, Senior
Desired skills for information security engineer, senior include:
Desired experience for information security engineer, senior includes:
Information Security Engineer, Senior Examples
Information Security Engineer, Senior Job Description
- Manages vendor relationship, maintains roadmaps and supports vendor escalations
- Deploys and configures new technical security controls
- Onward support and optimization of current encryption, DLP, and access control solutions
- Manages and updates security controls to meet corporate security and operational standards
- Performs technical security risk reviews as needed
- Provides security consulting to the business to determine best way to minimize risk through the use and application of security controls
- Provides leadership in all remediation efforts
- Ensures consistent deployment and management of technical security controls through the use of modern automation solutions
- Engages directly with auditors for review of enterprise technical security controls
- From time to time, conducts proof of concept lab tests for new security solutions
- Knowledge of networking protocols and infrastructure designs
- Requires significant technical knowledge in security engineering and IT systems engineering
- Strong IT system engineering background with experience in Windows 7, Windows Server 2008/2012 R2, Active Directory Group Policy, Cisco networking, and VMware vSphere
- DoD 8140 certification (IAT Level II, IAM level II or IASAE Level II)
- Requires Bachelor’s degree (in Computer Science or related field) or equivalent, and five to seven years of related experience
- Requires technical knowledge in security engineering
Information Security Engineer, Senior Job Description
- Consult with software development teams to ensure potential vulnerabilities are addressed
- Complete project tasks to enable the on time, within budget and scope delivery of ISRM Infrastructure projects
- Serve as the subject matter expert on all matters of Enterprise Information Security
- Perform Security risk assessments for IT projects, including but not limited to reviewing architecture designs and providing guidance on risk mitigation
- Work closely with application & infrastructure teams to understand business needs and assist with security architecture and design of Information Technology systems
- Provide guidance to security engineering team when escalations are required
- Coordinates with program management and customer counterparts to ensure compliance with national IA/IS security requirements
- Designs, installs, and maintains various components of network infrastructure to ensure they support corporate goals for confidentiality, availability, and integrity throughout their life cycle
- Implements technical solutions based on best practices to fulfill contractual, regulatory, and legal requirements supporting SSAE16, PCI, NIST, ITAR, and EU GDPR
- Helps drive the adoption of technical security strategy, standards, design patterns, and best practices across all areas of the company
- Hands-on experience installing, configuring, and supporting security related hardware and software such as Certificate Management, Remote Connection, Network Protection, Data Loss Prevention, File Integrity Monitoring, Security Auditing & Logging, and Vulnerability Management
- Innovative, collaborative and able to solve problems independently
- Proven ability to assess, recommend, deploy and integrate Information Security tools
- Working knowledge and experience in multiple ISC2 security domains
- Ethical Penetration Testing experience preferred
- Administers, optimizes, and assesses performance or enterprise security tools, appliances, policies, configurations, and threat countermeasures
Information Security Engineer, Senior Job Description
- Member of the incident response team to include detecting, responding and containing internal and external cyber-attacks across the enterprise and complex security and internal fraud investigations
- Designs and develops secure IT solutions and control frameworks using network segmentation, gateway security, specialist security tools (including but not limited to, event monitoring, data loss, vulnerability and malware protection, app firewall)
- Researches, evaluates and recommends information security hardware and software, and creates business cases for security investments
- Stay abreast of new threat trends, vulnerabilities, and attack and defense methodologies
- Participates in an 24x7 on-call rotation
- Respond to security incidents per the company incident response process
- Identify security risks and assist in developing and following through on mitigation plans
- Participate in Security related projects
- Assist the Director of IT Security with technical security audits
- Act as primary contact for the cyber security technology stack
- Self Starter with a desire to work across teams
- Knowledge of general IT security principles
- Computer systems and networks to sustain compliance with national and corporate policy best practices
- Minimum of 8 years of experience in an information security role with progressive experience in designing and implementing enterprise security solutions
- In-depth, technical knowledge of data protection and integrity
- Strong interpersonal and communication skills to work effectively with IT and business units
Information Security Engineer, Senior Job Description
- Oversee the maturity of the global cyber security technology stack (metrics, health checks, tech debt, patching, configuration management, etc)
- Write scripts for automation
- Design, write, and implement APIs to integrate various technologies
- Bachelor’s degree from accredited 4-year University in Computer Science or equivalent technical area
- CISSP, Mac / Windows / Linux related certificates
- 4 years’ experience in information security (specifically in architecture, engineering, and operations)
- Ability to work and manage multiple simultaneous projects
- Must work well under pressure, in stressful situations, achieve critical deadlines, maintain confidentiality, and ensure high professionalism and customer service
- Completes detailed, comprehensive investigation of security issues by reviewing security log data, interpreting data in support of security event management process from various data feeds and triages on a wide variety of security events
- Performs incident handling process by maintaining knowledge in implementation of containment, protection and remediation activities
- Compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies
- Scope C&A program that encompasses all of the organizations systems and networks, ensuring compliance with the Federal Information Security Management Act (FISMA), DoDI 8510.01, Director of Central Intelligence Directive (DCID) 6/3, and Intelligence Community Directive (ICD) 503
- IT and information security related professional certifications
- Strong experience with Information security best practices
- Familiarity with NGA Continuity of Operations processes
- Familiarity with NGA dissemination and storage systems, to include IDS-D, NGL, IPL, WARP
Information Security Engineer, Senior Job Description
- Develop and document technical security standards to comply with policies and best practices
- Document risk and security assessment results in an existing GRC tool to accurately reflect organization compliance and risk
- Assist with the development and management of the enterprise information security policies, standards, and procedures
- Ensure the protection of corporate information assets through the technical enforcement of organizational security standards and policies
- Perform advanced investigation of identified events or threats
- Conduct complex security architecture analysis of networks, systems, applications and technology initiatives to identify risks and provide expert advice on strategies for mitigating those risks
- Participate in or, as needed, lead special projects related to information security, especially in the areas of risk assessment, vulnerability assessment, and incident response
- Assist the Information Security Architect in evaluating changes to security software and systems
- Proactively identify threats and vulnerabilities, and collection, correlate and analyze data to detect potential unauthorized system accesses
- Assist in developing, implementing, and maintaining security awareness and training efforts
- Maintenance of process and technical documentation
- Must have 2+ years of direct experience with encryption and key management solutions
- 3 year minimum experience in requirements analysis, design and implementation of Oracle Identity products
- Must be able to multitask, work independently in a team environment
- Experience with data stream and data messaging services including syslog, web API GET calls, JSON
- Experience with data management technologies