The Information Security Engineer is a member of the IT team and is focused on data loss prevention and intrusion detection to ensure business optimization.
Responsibilities include, but are not limited to:
- Participates in all information security projects and the day-to-day maintenance of security infrastructure.
- Leads the vulnerability and patch management effort and assures organizational risk is minimized.
- Prepare and document standard operating procedures and protocols.
- Configure and troubleshoot security infrastructure devices and applications.
- Develop technical solutions to mitigate security vulnerabilities, automating tasks to minimize overhead.
- Participate in security investigations and incident response when necessary.
- SIEM - (adding, creating, modifying data sources).
- Creating dashboards, queries and alerts.
- 3-5 years experience as a security engineer or systems engineer.
- One or more security certifications – CISSP, CEH, SSCP, Security+, CASP, etc. a plus.
- Thorough experience with the security stack, including firewalls, IDS/IPS, endpoint security.
- Authentication, log management, content filtering, packet analysis, threat intelligence, PKI.
- Experience in a mixed environment of operating systems: Windows, Linux.
- Experience with SIEM tools (Security Information and Event Management).
- Vulnerability management a plus (Nexpose, Rapid7, BitSight).
- Thorough understanding of the latest security principles, protocols and techniques.
- Scripting experience a plus – Python, Perl, PowerShell, VBS.
- Ability to work under pressure and manage multiple projects.
- Willingness to learn and adapt to any situation that arises.
- Understanding of security awareness training methods – Phishing, LMS, communications, etc.
- Deep understanding of cloud application security.