Security Engineer, Senior Job Description
Security engineer, senior
provides support for facilitating and helping the A&A team identify and implement security controls in accordance with NIST SP 800-53 Rev 4 and FedRAMP security requirements.
Security Engineer, Senior Duties & Responsibilities
To write an effective security engineer, senior job description, begin by listing detailed duties, responsibilities and expectations. We have included security engineer, senior job description templates that you can modify and use.
Sample responsibilities for this position include:
Database Auditing/Activity Engineering
Assist in the forensic investigation process in response to information security incidents and events
Conduct technical analysis of emerging security technologies and cryptography technologies
Works closely with IT and product development teams, in a senior level capacity, to support design of secure infrastructure and applications, assisting in or facilitating the implementation of protective and mitigating controls
Assist in developing and implementing an ongoing risk assessment program targeting information security and privacy matters
Conduct reviews and audits to ensure compliance for information security Policies and Procedures
Identify security issues and risks, and develop mitigation and remediation plans
Work with teams across the company to develop best practices, integrate security across solutions, and produce publications that help secure our customers
Create security awareness across the organization
Participate in security vulnerability response handling
Security Engineer, Senior Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Security Engineer, Senior
List any licenses or certifications required by the position: CISSP, GIAC, ITIL, SANS, CEH, CISM, CSSLP, CISA, GCFA, GCIH
Education for Security Engineer, Senior
Typically a job would require a certain level of education.
Employers hiring for the security engineer, senior job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Engineering, Technical, Education, Information Security, Information Systems, Computer Engineering, Information Technology, Electrical Engineering, Software Engineering
Skills for Security Engineer, Senior
Desired skills for security engineer, senior include:
NIST
FedRAMP
NIST 800 series publications
Encryption
COBIT
Information security program frameworks
Auditing
800-53
Federal IT and Cloud security policies
DNS
Desired experience for security engineer, senior includes:
Solid knowledge of infrastructure security
Ability to write code to solve administrative or security problems
Building complete solutions by integrating off-the-shelf and custom security tools
Knowledge of PKI-based systems and TLS
7+ years relevant technical experience preferred
Familiarity with many different network architectures, network services, system types, network devices, development platforms and software suites required
Security Engineer, Senior Examples
1
Security Engineer, Senior Job Description
Job Description Example
Our company is looking for a security engineer, senior. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for security engineer, senior
- Participate in our vulnerability management program, including bug triage assessments, communicating findings to key stakeholders, and driving remediation efforts with relevant Engineering owners
- You’ll work closely with our internal development teams in US and offshore
- You’ll help setting up secure coding practice and guide the team to embrace the methodology
- Promote security awareness throughout the organization
- Assist in the execution of incident response, vulnerability assessments, penetration tests and security audits
- Document, schedule and execute change requests in accordance with the company change control procedures
- Assist in the technical evaluation of systems, networks, applications, and infrastructures to determine the security posture of the target capability
- Conduct assessments as directed ranging from discovery scanning and information gathering, vulnerability assessments, blue/red team assessment or as defined
- Deliver security test plans, assessment results, and recommendations for approval
- Provide expert technical support for potential targets both before and after the assessment to assist in the improvement of security-related capabilities
Qualifications for security engineer, senior
- Minimum 5-7 years security engineering experience in mid to large IT organizations
- 3-5 years of hands on and progressive information security design and implementation experience in a security engineering role preferred
- Experience in signature development (IPS, yara, A/V)
- Scripting and coding experience (bash, PowerShell, python)
- 5+ years of experience in operational security, incident response, and / or forensics
- Personal interest in Cyber/Information Security
2
Security Engineer, Senior Job Description
Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of security engineer, senior. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for security engineer, senior
- Provide input to the security architecture and governance to maintain the enterprise’s secure by design principle
- Oversee the deployment, integration and configuration of all new security solutions and of any enhancements to existing security solutions in accordance with good practice standards
- Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories through the enforcement of enterprise security policies, monitoring of security tools and managing the Enterprise security services, escalating as required and raising security incidents
- Support investigations from a technical perspective into events of interest and security incidents
- Lead the major incident management process for all security focussed events, including co-ordination, management of suppliers and communication to Senior Management
- Support Service related incidents where Security can provide additional intelligence and insights
- Experience with working with and managing teams of internal and external resources
- Expert knowledge of Security management principles and practice, including Threat/Vulnerability/WAF/IDS/IPS/Patching/SIEM Management/Service management
- Ability to quickly understand and adopt of the organisation’s goals and objectives
- Proven ability to conduct research into issues and products as required
Qualifications for security engineer, senior
- A minimum of 6 years’ experience within security engineering focused roles in medium to large scale enterprises, and a minimum of 8 years’ experience in enterprise IT Bachelors or Master’s Degree in Computer Science, or equivalent applicable experience
- Windows/Linux Operating Systems (up to and including debugging)
- In-depth knowledge of multiple OS platforms with strong emphasis on Linux
- In-depth knowledge of authentication protocols, applied cryptography, PKI and TLS
- Experience in secure development especially for internet facing intranet, Mid-range and cloud hosted applications
- Experience in applying security in Cloud technologies like AWS, Containers, Microservices
3
Security Engineer, Senior Job Description
Job Description Example
Our company is searching for experienced candidates for the position of security engineer, senior. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for security engineer, senior
- Maintain general working knowledge and awareness of concepts such as Identity & Access Management (IAM), Access Controls, Authorization, Encryption of data at rest / in transit, multi-factor authentication, web application firewalls
- Support multiple national-level cyber security initiatives with significant visibility
- Conducting advanced research of cyber incidents and development of incident response and remediation recommendations
- Perform security testing and vulnerability assessments to identify security strengths and weaknesses, to assess the effective ness of existing controls, and to recommend remedial action
- Perform incident management and response activities as a member of the bank’s incident management team
- Review audit trails, system logs and other monitoring data sources regularly and ensure they are in compliance with policies and audit requirements
- Deliver security projects independently and lead cross-functional teams
- Serve as information security advisor during the development of technological projects
- Advise on and support the company’s overall enterprise security strategy
- Operate the processes necessary to collect threat intelligence, analyze the data for patterns and actionable information
Qualifications for security engineer, senior
- Ability to clearly articulate point of view verbally and in writing and quickly grasp business objectives and strategies
- Industry security certification (CISSP, CEH)
- A consistent track record implementing security solutions at the business unit level
- BA/BS degree in Computer Science, Information Systems, Cyber Security or a related technical field
- Demonstrated experience with building IaaS cloud based solutions including AWS, Azure
- Candidate must have demonstrated experience with Windows, Linux, Red Hat, hosts, operating systems
4
Security Engineer, Senior Job Description
Job Description Example
Our company is growing rapidly and is looking for a security engineer, senior. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for security engineer, senior
- Maintain awareness of current and future external regulations and design standards from FDA, NIST, AAMI and similar international regulators and standards bodies
- Web content filtering deployment for all users to protect the users from various risks
- Execution of risk assessment activities (penetration testing and vulnerability assessments) performed by you, the internal security team and/or an external group
- Advanced, Knowledge of routing and switching protocols to include security policy setup and threat protection
- Security consultancy and advice to software and infrastructure teams
- Act as the infrastructure security specialist within the team
- Providing teams with security requirements
- Security assessments, with and without documentation or source code
- Reviews, updates, and enforces data security practices within the campus and restaurant systems environments
- Analysis of logs from various devices (Firewalls, Servers, routers/switches, endpoints) to determine possible violations of company policy, improvement of security posture, and detection of APT
Qualifications for security engineer, senior
- Familiar with Active Directory, and Windows Operating Systems
- Compose Body of Evidence require documentation (system security plans, security categorizations, risk assessments, network diagrams, business impact analysis)
- Have an understanding of TCP/IP network protocol, security vulnerability scanning tools (e.g., Nmap, ACAS, Nessus, Core Impact, DISA STIGs, CS Benchmarks)
- Must be US Citizen or Naturalized US Citizen
- Demonstrated, hands-on experience working with Intrusion Detection/Intrusion Prevention Systems (IDS/IPS)
- Advanced understanding of network and web protocols (TCP/IP, UDP, IPSEC, HTTPS, routing)
5
Security Engineer, Senior Job Description
Job Description Example
Our company is growing rapidly and is looking to fill the role of security engineer, senior. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for security engineer, senior
- Install, manage, maintain and configure existing Entrust PKI systems
- Document current security policies and procedures and make recommendations to management for changes where appropriate
- Ensure policies are effectively communicated to the business
- Work with many disciplines within the business regarding policy – technical, physical, professional
- Work with all disciplines ensuring security compliance
- Address customer specific questions on security and hosting environment, either in written or verbal form through RFPs/RFIs or periodic customer driven assessments
- Designs, builds, tests, and maintains network computing security platforms including, but not limited to, Intrusion Detection Systems (IDS), Intrusion Prevention systems (IPS), and firewalls
- Ensures that all infrastructure systems are designed, implemented, and supported to meet security policies and standards
- Ensures that products meet security standards and requirements expected by customers and the commercial marketplace
- Assess risk and recommend mitigating controls for project implementations, designs
Qualifications for security engineer, senior
- Knowledge of system and network security, authentication, cryptography, and application security
- Demands familiarity with security engineering principles, theories, concepts and technologies applied knowledge of established procedures, policies and practices
- 5-7 years of hands-on experience in linux administration, network engineering, or security engineering in an Enterprise IT or Managed Security Services environment
- Extensive Linux/Unix command line skills and knowledge with the ability to troubleshoot security, networking, and system issues at an advanced level with minimal support
- Networking knowledge must on par with that required for a CCNA certification
- Proven ability to troubleshoot, correctly diagnose, and correct identified security deficiencies