Information Systems Security Engineer
- Posted: May 23, 2017
- Indiana, PA, USA
Work Days and Expected Hours:
Monday-Friday 8:00 AM-5:00 PM
(Additional hours as needed to carry out the objectives of the department)
Function: Assist in the maintenance and continued enhancement of the S&T Bank information security posture.
Duties and Responsibilities:
1. Develop and maintain secure baselines for systems and applications.
2. Assist in the administration and maintenance of security appliances, systems and applications used within the Organization’s infrastructure.
3. Engage in continuous tool improvement, process improvement and quality control and documentation activities to further enhance the Organization’s security posture.
4. Assist in reviewing system-related security planning throughout the network.
5. Review and analyze security logs, monitoring logs, firewall logs, IDS/IPS logs, as well as network and core related logs.
6. Participate in assigned on-call and incident response activities as part of the incident response team.
7. Investigate incidents through packet captures, reports, data visualization, and pattern analysis.
8. Perform data analysis, aggregation, event correlation and information security threat detection.
9. Assist in management of employee permissions and security within the Active Directory environment.
10. Participate in ongoing maintenance, testing, and governance of business continuity and disaster recovery plans.
11. Assist architects and systems developers in the identification and implementation of appropriate information security functionality to ensure uniform application of Organizational security policy and enterprise solutions.
12. Stay current on security trends and industry best practices; provide input and recommendations based on research.
13. Candidate must be able to respond to after-hours requests as required in a 24x7 environment.
14. Perform other related duties as assigned in accordance with qualifications.
Operates a keypad device: 65% of the day; operates electronic equipment: 20% of the day; travels: 5% of the day; conversations (phone or face-to-face): 10% of the day. The primary parts of the body involved in performing these tasks are the fingers, thumbs, hands, wrists, elbows, legs, and feet. Standing is required 10% of the day; sitting is required 75% of the day; walking is required 15% of the day. Requires the use of manual dexterity skills for typing up to 60% of the business day. Must be able to lift, move, and/or carry up to 60 lbs. Specific vision requirements include close vision of 18”-20” for computer work and travel. Reasonable accommodations may be made to enable individuals with disabilities to perform essential functions.
- Excellent verbal and written communication skills.
- Ability to work independently, as well as a member of a team.
Equal Opportunity Employer/Protected Veterans/Individuals with Disabilities
The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor’s legal duty to furnish information.
Bachelors or better in Computer Science or related field.
Working knowledge of information security concepts and best practices: IDS/IPS; firewalls; vulnerability and patch management; system hardening; encryption; virtual private networks; antivirus; logging and monitoring; identification/authentication techniques; configuration control; change management; auditing; principles of IA (confidentiality, integrity, non-repudiation, availability, and access control).
Command Line Scripting skills (PERL, python, shell scripting) to automate analysis tasks.
5 years:Network operations, Systems administration or related technology space.
2-5 years:Direct experience in Information Security.
Professional IT security certification(s), such as SANS GIAC certs are highly preferred.