Information Security Engineer, Senior Job Description
Information security engineer, senior
provides leadership in audit liaison activities for a variety of external assessments against various compliance frameworks including, but not limited to: NIST 800-53 (latest revision), NIST Cybersecurity Framework, CIS Controls, EU GDPR, HIPAA, and PCI DSS.
Information Security Engineer, Senior Duties & Responsibilities
To write an effective information security engineer, senior job description, begin by listing detailed duties, responsibilities and expectations. We have included information security engineer, senior job description templates that you can modify and use.
Sample responsibilities for this position include:
Research and develop new IT Security Infrastructure products and software
Develop prescriptive guidance for developers to help prevent security vulnerabilities in their code
Designs and implements security controls that are built and engineered to meet compliance requirements, including internal controls, SOX and PCI controls
Collaborates with business owners, product/systems engineers, and operational personnel to understand business priorities and goals, company culture, and processes to identify information security risks
Organization, time management, and personality are important attributes for an ISE
Manage AVG Level Platforms, MS-SQL, Windows Server, Cisco ASA, and IBM Security technologies, and SNORT IPS
Perform the ongoing monitoring and administration of security and compliance-related systems
Perform security assessments and review of networking infrastructure and implementation of new security-based technologies
Analyze the security landscape and technologies to ensure data protection
Provide direct support to the business and IT staff for systems security related issues
Information Security Engineer, Senior Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Information Security Engineer, Senior
List any licenses or certifications required by the position: CISSP, GIAC, CISA, CCSP, CEH, SSL, CASP, CISM, SANS, PNSE
Education for Information Security Engineer, Senior
Typically a job would require a certain level of education.
Employers hiring for the information security engineer, senior job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Primary Degree in Engineering, Technical, Science, Computer Science, Information Security, Information Technology, Technology, Management, Computer, Information Assurance
Skills for Information Security Engineer, Senior
Desired skills for information security engineer, senior include:
NIST 800 series publications
DNS
FTP
SNMP
SSH
TELNET
800-53
Various protocols and services
Computing
Develop
Desired experience for information security engineer, senior includes:
Strong communications, writing and editing skills needed to transfer information to individuals involved in systems support process
Ability to utilize both manual and automated attack methods
Ability to communicate clearly, to both technical and nontechnical audiences, risks, threats, and vulnerabilities identified during assessments
Strong understanding of networking, including routers, switches, TCP/IP, public/private networks, internet protocol security (IPSec ), and virtual private network (VPN)
8+ years of experience in technical information systems positions, with at least 4+ experience in a pure information security position (firewall engineer, IDS engineer, penetration tester)
Strong analytical and problem solving skills to troubleshoot and resolve
Information Security Engineer, Senior Examples
1
Information Security Engineer, Senior Job Description
Job Description Example
Our growing company is looking to fill the role of information security engineer, senior. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for information security engineer, senior
- Manages vendor relationship, maintains roadmaps and supports vendor escalations
- Deploys and configures new technical security controls
- Onward support and optimization of current encryption, DLP, and access control solutions
- Manages and updates security controls to meet corporate security and operational standards
- Performs technical security risk reviews as needed
- Provides security consulting to the business to determine best way to minimize risk through the use and application of security controls
- Provides leadership in all remediation efforts
- Ensures consistent deployment and management of technical security controls through the use of modern automation solutions
- Engages directly with auditors for review of enterprise technical security controls
- From time to time, conducts proof of concept lab tests for new security solutions
Qualifications for information security engineer, senior
- Knowledge of networking protocols and infrastructure designs
- Requires significant technical knowledge in security engineering and IT systems engineering
- Strong IT system engineering background with experience in Windows 7, Windows Server 2008/2012 R2, Active Directory Group Policy, Cisco networking, and VMware vSphere
- DoD 8140 certification (IAT Level II, IAM level II or IASAE Level II)
- Requires Bachelor’s degree (in Computer Science or related field) or equivalent, and five to seven years of related experience
- Requires technical knowledge in security engineering
2
Information Security Engineer, Senior Job Description
Job Description Example
Our innovative and growing company is searching for experienced candidates for the position of information security engineer, senior. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for information security engineer, senior
- Consult with software development teams to ensure potential vulnerabilities are addressed
- Complete project tasks to enable the on time, within budget and scope delivery of ISRM Infrastructure projects
- Serve as the subject matter expert on all matters of Enterprise Information Security
- Perform Security risk assessments for IT projects, including but not limited to reviewing architecture designs and providing guidance on risk mitigation
- Work closely with application & infrastructure teams to understand business needs and assist with security architecture and design of Information Technology systems
- Provide guidance to security engineering team when escalations are required
- Coordinates with program management and customer counterparts to ensure compliance with national IA/IS security requirements
- Designs, installs, and maintains various components of network infrastructure to ensure they support corporate goals for confidentiality, availability, and integrity throughout their life cycle
- Implements technical solutions based on best practices to fulfill contractual, regulatory, and legal requirements supporting SSAE16, PCI, NIST, ITAR, and EU GDPR
- Helps drive the adoption of technical security strategy, standards, design patterns, and best practices across all areas of the company
Qualifications for information security engineer, senior
- Hands-on experience installing, configuring, and supporting security related hardware and software such as Certificate Management, Remote Connection, Network Protection, Data Loss Prevention, File Integrity Monitoring, Security Auditing & Logging, and Vulnerability Management
- Innovative, collaborative and able to solve problems independently
- Proven ability to assess, recommend, deploy and integrate Information Security tools
- Working knowledge and experience in multiple ISC2 security domains
- Ethical Penetration Testing experience preferred
- Administers, optimizes, and assesses performance or enterprise security tools, appliances, policies, configurations, and threat countermeasures
3
Information Security Engineer, Senior Job Description
Job Description Example
Our company is looking to fill the role of information security engineer, senior. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for information security engineer, senior
- Member of the incident response team to include detecting, responding and containing internal and external cyber-attacks across the enterprise and complex security and internal fraud investigations
- Designs and develops secure IT solutions and control frameworks using network segmentation, gateway security, specialist security tools (including but not limited to, event monitoring, data loss, vulnerability and malware protection, app firewall)
- Researches, evaluates and recommends information security hardware and software, and creates business cases for security investments
- Stay abreast of new threat trends, vulnerabilities, and attack and defense methodologies
- Participates in an 24x7 on-call rotation
- Respond to security incidents per the company incident response process
- Identify security risks and assist in developing and following through on mitigation plans
- Participate in Security related projects
- Assist the Director of IT Security with technical security audits
- Act as primary contact for the cyber security technology stack
Qualifications for information security engineer, senior
- Self Starter with a desire to work across teams
- Knowledge of general IT security principles
- Computer systems and networks to sustain compliance with national and corporate policy best practices
- Minimum of 8 years of experience in an information security role with progressive experience in designing and implementing enterprise security solutions
- In-depth, technical knowledge of data protection and integrity
- Strong interpersonal and communication skills to work effectively with IT and business units
4
Information Security Engineer, Senior Job Description
Job Description Example
Our innovative and growing company is looking for an information security engineer, senior. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for information security engineer, senior
- Oversee the maturity of the global cyber security technology stack (metrics, health checks, tech debt, patching, configuration management, etc)
- Write scripts for automation
- Design, write, and implement APIs to integrate various technologies
- Bachelor’s degree from accredited 4-year University in Computer Science or equivalent technical area
- CISSP, Mac / Windows / Linux related certificates
- 4 years’ experience in information security (specifically in architecture, engineering, and operations)
- Ability to work and manage multiple simultaneous projects
- Must work well under pressure, in stressful situations, achieve critical deadlines, maintain confidentiality, and ensure high professionalism and customer service
- Completes detailed, comprehensive investigation of security issues by reviewing security log data, interpreting data in support of security event management process from various data feeds and triages on a wide variety of security events
- Performs incident handling process by maintaining knowledge in implementation of containment, protection and remediation activities
Qualifications for information security engineer, senior
- Compliance with established Information Assurance (IA) standards and regulations and recommend mitigation strategies
- Scope C&A program that encompasses all of the organizations systems and networks, ensuring compliance with the Federal Information Security Management Act (FISMA), DoDI 8510.01, Director of Central Intelligence Directive (DCID) 6/3, and Intelligence Community Directive (ICD) 503
- IT and information security related professional certifications
- Strong experience with Information security best practices
- Familiarity with NGA Continuity of Operations processes
- Familiarity with NGA dissemination and storage systems, to include IDS-D, NGL, IPL, WARP
5
Information Security Engineer, Senior Job Description
Job Description Example
Our growing company is looking to fill the role of information security engineer, senior. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for information security engineer, senior
- Develop and document technical security standards to comply with policies and best practices
- Document risk and security assessment results in an existing GRC tool to accurately reflect organization compliance and risk
- Assist with the development and management of the enterprise information security policies, standards, and procedures
- Ensure the protection of corporate information assets through the technical enforcement of organizational security standards and policies
- Perform advanced investigation of identified events or threats
- Conduct complex security architecture analysis of networks, systems, applications and technology initiatives to identify risks and provide expert advice on strategies for mitigating those risks
- Participate in or, as needed, lead special projects related to information security, especially in the areas of risk assessment, vulnerability assessment, and incident response
- Assist the Information Security Architect in evaluating changes to security software and systems
- Proactively identify threats and vulnerabilities, and collection, correlate and analyze data to detect potential unauthorized system accesses
- Assist in developing, implementing, and maintaining security awareness and training efforts
Qualifications for information security engineer, senior
- Maintenance of process and technical documentation
- Must have 2+ years of direct experience with encryption and key management solutions
- 3 year minimum experience in requirements analysis, design and implementation of Oracle Identity products
- Must be able to multitask, work independently in a team environment
- Experience with data stream and data messaging services including syslog, web API GET calls, JSON
- Experience with data management technologies