Senior Information Security Engineer

Job Summary

Plans, designs, and builds security architectures for the organization, including implementing network and computer security and ensuring compliance with corporate cybersecurity policies and procedures. Monitors and maintains security requirements for a variety of technology platforms to mitigate risk for the organization.

 

Major Tasks, Responsibilities, and Key Accountabilities

Conducts independent security testing and evaluation of new and existing systems, including scanning vulnerabilities, performing security configuration reviews, writing test plans, running test scripts, and generating test summary reports.
Designs, builds, configures, and maintains cybersecurity threat defense capabilities and user access management.
Identifies security vulnerabilities and develops algorithms and methods for detecting and preventing host- and network-based attacks.
Collaborates with enterprise technology teams to configure and integrate cybersecurity systems that mitigate risk for the organization.
Performs advanced analyses and/or reverse engineering of suspect source code and makes appropriate changes to security event detection systems.
Initiates security response procedures when a problem is detected and methodically creates and updates security standard documentation, including developing attack and defense methodologies for high risk computer networks and automating security analysis efforts.
Performs a wide range of technical operations related to the location, retrieval, processing, review, analysis, and production of electronic data for discovery, audit, or investigation.
Maintains procedures and devices in compliance with SOX compliance, PCI regulations, and other regulatory authorities  and provides data to internal or external auditors for security and compliance audits.

Nature and Scope

Identifies key barriers/core problems and applies problem solving skills in order to deal creatively with complex situations. Troubleshoots and resolves complex problems. Makes decisions under conditions of uncertainty, sometimes with incomplete information, that produce effective end results.
Independently performs assignments with instruction limited to the expected results. Determines and develops an approach to solutions. Receives technical guidance only on unusual or complex problems or issues.
May oversee the completion of projects and assignments, including planning, assigning, monitoring and reviewing progress and accuracy of work, evaluating results, etc. Contributes to employees’ professional development but does not have hiring or firing authority.
Work Environment

Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.
Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions there may be a need to move or lift light articles.
Typically requires overnight travel 5% to 20% of the time.
Education and Experience

Typically requires BS/BA in a related discipline. Generally 5-8 years of experience in a related field OR MS/MA and generally 3-5 years of experience in a related field. Certification is required in some areas.

Preferred Qualifications

Bachelor’s degree in computer science or a related field.
5+ years of experience in cybersecurity or information technology.
Certified Information Systems Security Professional, Certified Information Systems Auditor, or a related certification.