Senior Information Security Engineer Job Description
Senior information security engineer
provides support to management in areas of technical expertise with respect to emerging cloud technologies, standards, and medical IT industry trends.
Senior Information Security Engineer Duties & Responsibilities
To write an effective senior information security engineer job description, begin by listing detailed duties, responsibilities and expectations. We have included senior information security engineer job description templates that you can modify and use.
Sample responsibilities for this position include:
Create and maintain appropriate documentation especially process flows and technical procedures
Perform incidental response and related duties, as required
Create a standard set of requirements, technical designs, and recommended configurations necessary to design, implement and deploy our security capabilities in partnership with a variety of internal and external partners
This position is a part of a centralized team of systems administrators, systems engineers and application developers
The Information Security Engineer will work alongside the Information System Security Manager to maintain the accreditation on Applications, Enclaves and Platform Information Systems
Assists with technical direction in designing and implementing security solutions for corporate technical infrastructure and business applications
Participates in all phases of project planning in security service support, including functional requirements, design specifications, testing and quality assurance, implementation and support
Leads technical engineering services to support and update existing security systems and works to automate processes related to security implementations, monitoring, and enforcement
Evaluates and implements security devices such as firewalls, IDS, IPS, threat correlation tools, vulnerability scanning tools, encryption capabilities, Develops test plan and implements rigorous testing prior to rollout of new systems into the production environment
Evaluates, using security knowledge, tools and practices, vendor services and new business units, working to reduce risk for newly onboarded services or networks
Senior Information Security Engineer Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Senior Information Security Engineer
List any licenses or certifications required by the position: CISSP, GIAC, CISA, CCSP, CEH, SSL, CASP, CISM, SANS, PNSE
Education for Senior Information Security Engineer
Typically a job would require a certain level of education.
Employers hiring for the senior information security engineer job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Primary Degree in Engineering, Technical, Science, Computer Science, Information Security, Information Technology, Technology, Management, Computer, Information Assurance
Skills for Senior Information Security Engineer
Desired skills for senior information security engineer include:
Emerging technologies
IT audit and control
Technical writing/documentation
Training delivery
Asset management
Governance
Procedures and policies
System and technology integration
IT standards
Industry trends and direction
Desired experience for senior information security engineer includes:
Knowledge of application Security Architecture.•Familiarity with at least one network and web application vulnerability scanners source code analysis tools
Must have current Certified Information Systems Security Professional (CISSP) certification
At least an Associate’s degree in a technical, business or communications discipline
Experience with network and host security monitoring, detection and response tools and capabilities including IDS, malware sandboxes, log correlation engines, flow collectors, memory forensics
Knowledge of the Technologies and Products
The ability to analyze complex problems, quickly develop creative solutions, and adapt to a fast paced environment
Senior Information Security Engineer Examples
1
Senior Information Security Engineer Job Description
Job Description Example
Our innovative and growing company is searching for experienced candidates for the position of senior information security engineer. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for senior information security engineer
- Participate in compliance other responsibilities including
- Correlate and tune network, system, and application devices for security events
- Evaluate, plan, document, and implement new security tools within our environments
- Perform routine audits to ensure compliance with security policies and other industry standards
- Perform vulnerability assessments, security control checks, and reporting
- Research and evaluate the latest security products to combat the latest threats
- Understands current computer technologies and technical security requirements as applied to the design, development, evaluation, and integration of computer systems and networks to sustain compliance with national and corporate policy best practices
- Install and use software
- Lead technical and forensic investigation into how the incident/breach occurred and the extent of the damage
- Perform source code review and penetration testing of both new and existing applications
Qualifications for senior information security engineer
- Experience with various forms of virtualization technology
- BS Degree in Computer Science, Information Technology, Telecommunications, or Electrical Engineering, or equivalent work experience
- Must have hands on working knowledge of UNIX/AIX, Microsoft NT/200X, firewall multi-layer design and implementation, router access list/packet filtering (Cisco), WANs, LANs, the Internet, Intranets, network protocols and network services (e.g., Telnet, FTP, ), intrusion detection systems, Virtual Private Network (VPN), RSA SecureID, Enterprise Security management tools, security assessment software
- Must possess a basic understanding of ISO 27002 and IT audit frameworks including PCI-DSS 2.0, COBIT and COSO, OWASP
- Ability to consult internally with Sr
- Evaluation & assessment of compliance to a regulation, law or policy using industry standard methodologies (ISO27001, COBIT, NIST, ) in an enterprise environment
2
Senior Information Security Engineer Job Description
Job Description Example
Our innovative and growing company is looking to fill the role of senior information security engineer. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for senior information security engineer
- Prepares and maintains detailed documentation on all physical and logical security configurations
- Initiates and leads the Computer Security Incident Response process according to organizational incident handling policies
- Performs analysis of the organization's network and systems security, monitoring, and alerting needs and contributes to design of network and system architecture
- Researches latest security exploits, vulnerabilities, and attack vectors, determines the risk they post to the business, and suggests methods to protect against them
- Handles escalated support requests and further escalates when needed
- Responsible for the implementation and migration of software and hardware security upgrades and patches
- Ensures security infrastructure processes, concepts, and maintenance are incorporated into systems, software, and hardware platforms in accordance with approved internal standards
- Provides technical input to projects along with implementation support to network services and infrastructure design teams
- Performs maintenance of security infrastructure to include updates and patching of software and hardware
- Maintains a comprehensive and in depth, component level understanding of all IT systems, data flows, applications, technologies, security controls, threats, weaknesses and countermeasures
Qualifications for senior information security engineer
- Takes advantage of available resources to complete work efficiently
- Performs independently
- Oversees project completion of less experienced team members
- High passion for Security and Availability
- Linux/UNIX Engineer or developer
- Distributed development of Highly Available and Highly Scalable systems
3
Senior Information Security Engineer Job Description
Job Description Example
Our company is searching for experienced candidates for the position of senior information security engineer. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for senior information security engineer
- Monitor security newsgroups, mailing lists, web sites, and other similar resources to stay informed of new security threats and emerging technologies
- Work with the SOC to support and respond to security technology needs
- Maintain well organized technology diagrams (network, rack, architecture, dataflow) and system inventories
- Provide system administration for the global security technology stack
- Lead discussions related to the architecture and engineering of security technologies that support the SOC
- Collaborate with the infrastructure teams
- Design, update, and maintain standard operating procedures for security system administration
- Troubleshoot technology issues
- Manage service request queues
- Partner with vendors to maintain and enhance security technologies
Qualifications for senior information security engineer
- Subject Matter Expert (SME) level knowledge of vulnerability management solutions OpenVAS and Rapid7 installation, configuration, administration, and troubleshooting
- Knowledge of scripting languages such as Perl, Python, Bash
- Familiar with log management and SIEM solutions
- Knowledge of PCI, SOX 404, Safe Harbor, and other regulations/standards
- CISSP and/or CISA Certifications preferred
- Must have 2+ years of direct experience with modern DLP solutions
4
Senior Information Security Engineer Job Description
Job Description Example
Our growing company is looking to fill the role of senior information security engineer. We appreciate you taking the time to review the list of qualifications and to apply for the position. If you don’t fill all of the qualifications, you may still be considered depending on your level of experience.
Responsibilities for senior information security engineer
- Assesses risks based on changes to implementation of ISO(International Organization for Standardization)/BSO(Business Services Online)
- Creates cost effective solutions for system/application development regarding Information Security processes and concepts in applicable systems and software
- Performs day-to-day Information Security functions pertaining to computer access control on numerous security software products and processes
- Enhance understanding of business objectives and helps providing direction based on risk, Corporate Policy, and association and regulatory guidelines
- Participates in developing long term strategies for conducting system penetration, vulnerability and web application testing, risk assessments, policy creation
- Lead technical information security assessments on vendor solutions providers to accurately reflect associated organizational risk
- Analyze, review, monitor, and reassess the adequacy of information security provisions in vendor and customer contracts
- Lead vendor assessment and risk monitoring by populating an existing GRC tool with assessment results
- Execute technical risk assessments using NIST SP 800-30 methodology against a variety of organization units, entities, business units, technologies, data centers, Summarize and present residual risks identified from assessments for an executive-level audience
- Perform security audits, internal security assessments, risk assessments, and support the management of independent external security audits
Qualifications for senior information security engineer
- Maintain a professional certification as a Certified Information Systems Security Professional (CISSP)
- Strong working knowledge of infrastructure technologies such as Windows and Linux operating systems
- Candidate must process a CISSP or equivalent IA certification, Security+CE, RHEL 6 System Administration, MCSA, or other equivalent certification
- Possess security certifications (CISSP, CCNA, ) and/or top secret security clearance
- Possess security certifications (CISSP, CCNA)
- Knowledge of IEC 62443 policies
5
Senior Information Security Engineer Job Description
Job Description Example
Our growing company is looking to fill the role of senior information security engineer. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for senior information security engineer
- This position shares in responsibility for information security by following all applicable security policies and procedures
- This position is authorized to use elevated privilege accounts in the performance of job duties
- This position is authorized to handle sensitive or confidential data in accordance with established procedures in the performance of job duties
- This position has access to systems providing account and access provisioning
- This position is authorized to issue password resets in accordance with established procedures in the performance of job duties
- This position is authorized to manage, provision, and deprovision IT assets in accordance with established procedures in the performance of job duties
- Builds relationship and partners with member of IT Security and Risk Management, Enterprise Architecture, Network Engineering, Security Operations and with functional areas across IT and the business to raise and support the security posture of the company
- Designs, tests and deploys IT security systems and solutions
- Review applicable security support models and identifies opportunities for continued process improvement
- Monitor and review requests for change to assure they do not introduce any security and/or compliance risks to the enterprise and meet security requirements, guidelines and compliance requirements
Qualifications for senior information security engineer
- Demonstrated experience with common penetration testing and vulnerability assessment tools such as Burp Suite Professional, SQL Map, Metasploit, AppScan
- Experience in the use of source code analysis tools such as Fortify
- Extensive experience reviewing source code and assisting developers in closing vulnerabilities
- Understanding of security vulnerabilities (i.e., SQL Injection, XSS, buffer overflows) emerging platform vulnerabilities
- Experience with Enterprise Java web application frameworks, including Struts and Spring
- Intermediate knowledge of web frameworks, including XML, SOAP, REST,J2EE, JSON and Ajax