The Information Security Engineer will be responsible for providing engineering design, analysis, and support for routers, firewalls, networks, and operating systems. The ISE will be the primary contact and coordination point for all Information Security incidents, projects and remediations. Position will report to the IT Director of Technology.
- Researches, designs, and implements information security solutions for organization systems and products that comply with all applicable security policies and standards.
- Works with IT and internal and external business partners to ensure that security is factored in the evaluation, selection, installation and configuration process of hardware and software.
- Analyzes and makes recommendations to improve network, system, and application architectures.
- Examines network, server, and application logs to determine trends and identify security incidents.
- Leads in the review and update of information security policies, architectures, and standards.
- Leads in responding to audits, penetration tests and vulnerability assessments.
- Member of the Cybersecurity Incident Response Team.
Skills and Competencies:
- Technical expertise in network security knowledge, to include VPN, Firewall, network monitoring, intrusion detection, web server security, and wireless security.
- Deep experience within the Microsoft Technology stack.
- Experience working with Cisco networks.
- Experience or understanding of Sophos security tools.
- Strong knowledge of common vulnerabilities and exploitation techniques.
- Practical experience with database security, content filtering, vulnerability scanning, and anti-malware.
- Strong decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate one.
- An ability to effectively influence others to modify their opinions, plans, or behaviors.
Education and Experience:
- BS or MA in Computer Science, Information Security, or a related field.
- 5+ years of experience in information security, especially in a security engineering role.
- Preferred Certified Information Systems Security Professional (CISSP) or current pursuing certification