Job Profile Summary:
The Security Engineer, under supervision of the Senior Manager – Information Security, is responsible for working with various Technology Services and interdepartmental teams to ensure the security of information and network assets. This position will specialize in network security and requires a strong working knowledge of security control areas throughout the environment.
Duties & Responsibilities:
- Assist with the definition of requirements for security technologies to include intrusion detection/prevention, application/data security, encryption, log analysis, authentication/authorization systems, identity management and access control.
- Assist in evaluating, planning, configuration, and implementation of new/existing security applications/tools.
- Configure, implement, monitor, and support security software/systems that will help ensure compliance with policies and procedures. This includes but is not limited to SIEM, Next Gen Firewall Management, IDS/IPS Management, Forward and Reverse Proxy Management, Web Application Firewall, Two Factor Authentication, IAS, Internal/External Certificate Authority, Network Access Control, etc.
- Responsible for development, execution and/or coordination of Security Architecture Reviews, Secure Network Design, DMZ Design and Architecture, IOC Monitoring, Threat & Risk Investigations, Incident Response and Documentation, External DNS, Registrar and Certificate Management, etc.
- Ensure security best practices are identified and integrated into all facets of the project including network, system designs/configuration, and implementations.
- Identify and recommend potential areas where existing data security policies and procedures require change, or where a control is required to mitigate security risks. Work with various teams to enhance security policies/procedures.
- Assist in the identification, response, investigation, and remediation of potential breaches of and issues surrounding data security.
- Manage relationships with 3rd party providers of security monitoring and tools to ensure assets are being protected.
- Proactively identify security issues, monitor performance trends, perform upgrades and make recommendations to improve security hardware and software as required.
- Perform periodic information risk assessments, conduct compliance monitoring activities and initiate reoccurring penetration testing.
- Responsible for providing off hours support for security as needed.
- Track data security issues to closure in a timely manner by partnering with business units, communicating solutions, and verifying remediation.
- The Security Engineer is a hands-on role involving design, deployment and support of complex security products.
- The engineer will provide daily operational support of security infrastructure and will work collaboratively with other team members and external information security vendors to identify advanced threats and prevent compromise.
- The Engineer will be engaged in critical decisions involving risk, incident response, and security process improvements in critical infrastructure and will assist in the design and execution of security policies, procedures, and processes.
- The Engineer will provide assistance with guiding technology teams toward securely designing, architecting, and implementing new solutions. These tasks include system administration, troubleshooting, analysis, testing, research, training, problem solving, technical support, development, and testing/deployment of new applications, hardware, and systems.
Experience/Education Required:
- Working knowledge of some or all of the following: TCP/IP | OSI Model, system logs (WMI, syslog, etc.), OS Security, encryption technologies, IDS/IPS, packet analysis, next generation firewalls, Forward Proxy with SSL interception, penetration testing and vulnerability assessment, event correlation, IOC development, advanced threat detection, and two factor authentication.
- Excellent listening skills and written and oral communication skills, including effective presentation skills.
- Ability to understand the technical implications of security threats.
- Demonstrated skill in collecting and analyzing complex data, evaluating information and systems, and drawing logical conclusions.
- Demonstrated skill in information security audit planning and project management, and in maintaining composure under pressure while meeting multiple deadlines.
- Must demonstrate the ability to maintain strict confidentiality of the firm's internal affairs
- Ability to relate to non-technical users in user-friendly language
- Ability to manage multiple concurrent objectives or activities, and effectively make judgments in prioritizing and time allocation in a high-pressure environment
- Experience with security policies and procedures, awareness programs and IT audits preferred.
- Ability to work independently under general supervision with considerable latitude for initiative and independent judgment.
- Strong interpersonal, communication, organization, creative, and leadership skills with the ability to exhibit sound judgment and express verbal and written information effectively.
- Understanding of ISO27001/NIST principles preferred.
- Bachelor's degree in an Information Security, Computer Science, Business or Engineering related program
- Minimum 5 years of information or network security-related experience.
- Ability to safely and successfully perform the essential job functions consistent with the ADA and other federal, state and local standards
- Sedentary work that involves sitting or remaining stationary most of the time with occasional need to move around the office to attend meetings, etc.
- Ability to conduct repetitive tasks on a computer, utilizing a mouse, keyboard and monitor