Security Engineer, Senior Job Description
Security Engineer, Senior Duties & Responsibilities
To write an effective security engineer, senior job description, begin by listing detailed duties, responsibilities and expectations. We have included security engineer, senior job description templates that you can modify and use.
Sample responsibilities for this position include:
Security Engineer, Senior Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Security Engineer, Senior
List any licenses or certifications required by the position: CISSP, GIAC, ITIL, SANS, CEH, CISM, CSSLP, CISA, GCFA, GCIH
Education for Security Engineer, Senior
Typically a job would require a certain level of education.
Employers hiring for the security engineer, senior job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Engineering, Technical, Education, Information Security, Information Systems, Computer Engineering, Information Technology, Electrical Engineering, Software Engineering
Skills for Security Engineer, Senior
Desired skills for security engineer, senior include:
Desired experience for security engineer, senior includes:
Security Engineer, Senior Examples
Security Engineer, Senior Job Description
- Participate in our vulnerability management program, including bug triage assessments, communicating findings to key stakeholders, and driving remediation efforts with relevant Engineering owners
- You’ll work closely with our internal development teams in US and offshore
- You’ll help setting up secure coding practice and guide the team to embrace the methodology
- Promote security awareness throughout the organization
- Assist in the execution of incident response, vulnerability assessments, penetration tests and security audits
- Document, schedule and execute change requests in accordance with the company change control procedures
- Assist in the technical evaluation of systems, networks, applications, and infrastructures to determine the security posture of the target capability
- Conduct assessments as directed ranging from discovery scanning and information gathering, vulnerability assessments, blue/red team assessment or as defined
- Deliver security test plans, assessment results, and recommendations for approval
- Provide expert technical support for potential targets both before and after the assessment to assist in the improvement of security-related capabilities
- Minimum 5-7 years security engineering experience in mid to large IT organizations
- 3-5 years of hands on and progressive information security design and implementation experience in a security engineering role preferred
- Experience in signature development (IPS, yara, A/V)
- Scripting and coding experience (bash, PowerShell, python)
- 5+ years of experience in operational security, incident response, and / or forensics
- Personal interest in Cyber/Information Security
Security Engineer, Senior Job Description
- Provide input to the security architecture and governance to maintain the enterprise’s secure by design principle
- Oversee the deployment, integration and configuration of all new security solutions and of any enhancements to existing security solutions in accordance with good practice standards
- Ensure the confidentiality, integrity and availability of the data residing on or transmitted to/from/through enterprise workstations, servers and other systems and in databases and other data repositories through the enforcement of enterprise security policies, monitoring of security tools and managing the Enterprise security services, escalating as required and raising security incidents
- Support investigations from a technical perspective into events of interest and security incidents
- Lead the major incident management process for all security focussed events, including co-ordination, management of suppliers and communication to Senior Management
- Support Service related incidents where Security can provide additional intelligence and insights
- Experience with working with and managing teams of internal and external resources
- Expert knowledge of Security management principles and practice, including Threat/Vulnerability/WAF/IDS/IPS/Patching/SIEM Management/Service management
- Ability to quickly understand and adopt of the organisation’s goals and objectives
- Proven ability to conduct research into issues and products as required
- A minimum of 6 years’ experience within security engineering focused roles in medium to large scale enterprises, and a minimum of 8 years’ experience in enterprise IT Bachelors or Master’s Degree in Computer Science, or equivalent applicable experience
- Windows/Linux Operating Systems (up to and including debugging)
- In-depth knowledge of multiple OS platforms with strong emphasis on Linux
- In-depth knowledge of authentication protocols, applied cryptography, PKI and TLS
- Experience in secure development especially for internet facing intranet, Mid-range and cloud hosted applications
- Experience in applying security in Cloud technologies like AWS, Containers, Microservices
Security Engineer, Senior Job Description
- Maintain general working knowledge and awareness of concepts such as Identity & Access Management (IAM), Access Controls, Authorization, Encryption of data at rest / in transit, multi-factor authentication, web application firewalls
- Support multiple national-level cyber security initiatives with significant visibility
- Conducting advanced research of cyber incidents and development of incident response and remediation recommendations
- Perform security testing and vulnerability assessments to identify security strengths and weaknesses, to assess the effective ness of existing controls, and to recommend remedial action
- Perform incident management and response activities as a member of the bank’s incident management team
- Review audit trails, system logs and other monitoring data sources regularly and ensure they are in compliance with policies and audit requirements
- Deliver security projects independently and lead cross-functional teams
- Serve as information security advisor during the development of technological projects
- Advise on and support the company’s overall enterprise security strategy
- Operate the processes necessary to collect threat intelligence, analyze the data for patterns and actionable information
- Ability to clearly articulate point of view verbally and in writing and quickly grasp business objectives and strategies
- Industry security certification (CISSP, CEH)
- A consistent track record implementing security solutions at the business unit level
- BA/BS degree in Computer Science, Information Systems, Cyber Security or a related technical field
- Demonstrated experience with building IaaS cloud based solutions including AWS, Azure
- Candidate must have demonstrated experience with Windows, Linux, Red Hat, hosts, operating systems
Security Engineer, Senior Job Description
- Maintain awareness of current and future external regulations and design standards from FDA, NIST, AAMI and similar international regulators and standards bodies
- Web content filtering deployment for all users to protect the users from various risks
- Execution of risk assessment activities (penetration testing and vulnerability assessments) performed by you, the internal security team and/or an external group
- Advanced, Knowledge of routing and switching protocols to include security policy setup and threat protection
- Security consultancy and advice to software and infrastructure teams
- Act as the infrastructure security specialist within the team
- Providing teams with security requirements
- Security assessments, with and without documentation or source code
- Reviews, updates, and enforces data security practices within the campus and restaurant systems environments
- Analysis of logs from various devices (Firewalls, Servers, routers/switches, endpoints) to determine possible violations of company policy, improvement of security posture, and detection of APT
- Familiar with Active Directory, and Windows Operating Systems
- Compose Body of Evidence require documentation (system security plans, security categorizations, risk assessments, network diagrams, business impact analysis)
- Have an understanding of TCP/IP network protocol, security vulnerability scanning tools (e.g., Nmap, ACAS, Nessus, Core Impact, DISA STIGs, CS Benchmarks)
- Must be US Citizen or Naturalized US Citizen
- Demonstrated, hands-on experience working with Intrusion Detection/Intrusion Prevention Systems (IDS/IPS)
- Advanced understanding of network and web protocols (TCP/IP, UDP, IPSEC, HTTPS, routing)
Security Engineer, Senior Job Description
- Install, manage, maintain and configure existing Entrust PKI systems
- Document current security policies and procedures and make recommendations to management for changes where appropriate
- Ensure policies are effectively communicated to the business
- Work with many disciplines within the business regarding policy – technical, physical, professional
- Work with all disciplines ensuring security compliance
- Address customer specific questions on security and hosting environment, either in written or verbal form through RFPs/RFIs or periodic customer driven assessments
- Designs, builds, tests, and maintains network computing security platforms including, but not limited to, Intrusion Detection Systems (IDS), Intrusion Prevention systems (IPS), and firewalls
- Ensures that all infrastructure systems are designed, implemented, and supported to meet security policies and standards
- Ensures that products meet security standards and requirements expected by customers and the commercial marketplace
- Assess risk and recommend mitigating controls for project implementations, designs
- Knowledge of system and network security, authentication, cryptography, and application security
- Demands familiarity with security engineering principles, theories, concepts and technologies applied knowledge of established procedures, policies and practices
- 5-7 years of hands-on experience in linux administration, network engineering, or security engineering in an Enterprise IT or Managed Security Services environment
- Extensive Linux/Unix command line skills and knowledge with the ability to troubleshoot security, networking, and system issues at an advanced level with minimal support
- Networking knowledge must on par with that required for a CCNA certification
- Proven ability to troubleshoot, correctly diagnose, and correct identified security deficiencies