Under the general guidance of the Manager and/or Director, Information Security, the Information Security Engineer will provide support in the operational aspect of IT system security designs, policies, and solutions in conjunction with the Security Architects. This role will participate on project teams across business and IT groups. This role will also assist in planning, designing, and managing enterprise information security initiatives in support of the core security functions of the Information Security group.
ESSENTIAL DUTIES AND RESPONSIBILITIES
- Works closely with all IT groups as a subject matter expert in systems and network security technology and practices. Participates in security implementation projects to ensure security requirements are evaluated and met. Provides input as a member of project teams to ensure that adequate security controls and features are implemented into information systems as an integral part of the initial system design. (30% of time)
- Participate in formulating Apria’s IT security strategies. Help determine technology and process requirements to implement security strategies. Assesses Apria’s IT environment against industry best practices and benchmarks to determine the weaknesses and vulnerabilities of the information security infrastructure, implementing security measures to decrease exposure to attack and/or penetration. (30% of time)
- Support security operations and governance. (25% of time)
- Support IT risk and compliance management program, internal investigations, audits, assessments, in conjunction with Legal, HR, Corporate Compliance, and Internal Audit. (15% of time)
- Performs other duties as required.
Minimum Required Qualifications
Education and/or Experience
- A minimum of five (5) years of progressively increasing responsibility and achievement in the Information Technology area with at least one (1) year in information security, including experience with information security, vulnerability and threat management technologies.
- A Bachelor’s Degree in a related technical or business discipline from an accredited university or equivalent years of work experience in the field is required.
- Knowledge and working experience with any security disciplines such as but not limited to vulnerability assessment, penetration testing, incident response, industry security standards and practices, web application security, security audit/review processes and applying corporate and federally mandated policies.
- Experience managing IT projects in a team-oriented cross-organizational environment.
- Familiarity with information security standards such as NIST, ISO, COBIT, and associated security controls.
Certificates, Licenses, Registrations or Professional Designations
- An industry recognized certification (e.g., CISSP, GIAC, CISA, CISM) is preferred.
Essential Skills and Abilities
- Excellent interpersonal, oral/presentation and written communications skills in both technical and non-technical language.
- Conceptual and analytical thinker, able to understand, analyze and synthesize complex business and technology issues and strategies.
- Team builder/player and able to work effectively with others with a demonstrated cultural awareness for interactions in multicultural and multi-national settings.
- Broad information technology and project management background.
- Strong judgment and decision making skills; be self-motivated with the ability to work independently and in teams with minimal direction but willingness to seek advice/assistance.
- Flexible and adaptable process-oriented work style; strong demonstrated work ethic; personal time management skills.
- Demonstrated work ethic that emphasizes customer focus, quality and continuous improvement.
- Self-directed with the ability to work independently to meet deadlines and produce quality of work in a time-sensitive, fast-paced environment.
- Demonstrated experience of disaster recovery, incident response, forensics, malware analysis, and secure code review is a plus.
English (reading, writing, verbal)
Comprehensive benefits package offered for eligible employees:
- Competitive salary
- Ability to have early access to earned wages
- Medical, Dental and Vision
- Healthcare Flexible Spending Accounts and Healthcare Savings Accounts
- Life, AD&D and Disability Insurance
- Paid Time Off, including Vacation, Personal Time, Paid Sick Leave & Paid Holidays
- 401K Savings Plan (available immediately)
- Educational Assistance
- Employee Referral Reward Program
- Employee Discount Programs
- Company Paid Employee Assistance Plan (available immediately)
- We recognize our veterans by offering a company paid day off for Veterans Day
- Career Advancement/ Development Opportunities
- Compensation is commensurate with experience
- Annual compensation is based on a 40 hour week