Overview
On Site
Full Time
Skills
Training
Data Security
Auditing
Vendor Management
Leadership
Project Management
KPI
System Security
Collaboration
Standard Operating Procedure
Regulatory Compliance
Policies and Procedures
Microsoft Office
Supervision
Loss Prevention
SAFE
Reporting
Security Controls
Firewall
IDS
IPS
Malware Analysis
SIEM
Log Management
Analytics
Network Monitoring
PKI
Information Security
Database
Telephony
Operating Systems
Security Architecture
Cloud Computing
Web Applications
Web Services
Network
Authentication
Group Policy
IT Audit
Digital Forensics
IT Project Management
Facilitation
Microsoft Exchange
Analytical Skill
OSI
TCP/IP
Problem Solving
Conflict Resolution
Documentation
Information Systems
CISSP
Job Details
Job Description
The Information Security Engineer II is responsible for maintaining an enterprise information and systems security stance through policy, architecture and training processes. Monitoring, evaluating, and maintaining systems, procedures and policies to protect the data systems and databases from unauthorized users. Leading Information Security projects and critical initiatives. Leading collaboration with IT architects and engineers to design and implement security controls. Identifying potential threats and vulnerabilities related to information systems. Determining causes of security violations and recommends corrective actions to ensure data security. Assisting in communicating security procedures to users. Supporting compliance audit and vendor management initiatives. Promoting information security education and awareness. Providing leadership and working as part of a team. Working with on-premise and cloud based technology
Essential Functions
Light project management
Track and report information security key performance indicators (KPIs)
Design, implement, and monitor security measures for the protection of computer systems, networks, and information
Identify and define computer system security requirements
Collaborate with IT architects and engineers to design and implement security controls
Prepare and document standard operating procedures and protocols
Develop technical solutions and security tools to help mitigate security vulnerabilities and automating repeatable tasks
Configure and troubleshoot security infrastructure devices
Write comprehensive reports related to the enhancement of computer systems, networks, and information security
Act as a security technical adviser or analyst for initiatives to evaluate new technologies for program conformance
Test solutions effectively utilizing industry standard analysis criteria involving delivery of technical reports and formal papers on test findings
Conduct periodic infrastructure scans, penetration tests, simulations to expose weaknesses, etc. Analyzing and reporting resulting findings with recommendations to minimize risks
Additional Essential Functions
Ensure compliance with Northwest's policies and procedures, and Federal/State regulations
Navigate Microsoft Office Software, computer applications, and software specific to the department in order to maximize technology tools and gain efficiency
Work as part of a team
Work with on-site equipment
Additional Responsibilities
Perform other duties as assigned
Safety and Health for those without supervisory duties
Abide by the rules of the safety and loss prevention program
Perform work tasks in a safe manner
Report any and all injuries to supervisor
Know what to do in case of an emergency
QUALIFICATIONS
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Education
Bachelor's Degree in related field Or
(3) or more years of experience or an equivalent combination of education and related work experience
Work Experience
5 - 6 years Demonstrated work experience as a system, network, or information security engineer
5 - 6 years Hands-on designing, implementing, or administering technical security controls including firewalls, IDS/IPS systems, anti-malware, authentication systems, SIEM log management, content filtering, behavioral analytics, network monitoring, public key infrastructure
5 - 6 years Building and maintaining information security systems and frameworks
5 - 6 years Designing database, network, telephony, and operating system security architecture
5 - 6 years Thorough understanding of the latest security principles, techniques, and protocols
5 - 6 years Advanced understanding of cloud and web-related technologies (web applications, web services, service-oriented architectures) and of network/web-related protocols
5 - 6 years Configuring authentication mechanisms, system logging, group policy objects
5 - 6 years Supporting IT audit functions
5 - 6 years Performing digital forensics and related investigations
5 - 6 years Technical project management
General Employee Knowledge, Skills, and Abilities
Ability to establish effective working relationships among team members and participate in solving problems and making decisions
Ability to present and express ideas and information clearly and concisely in a manner appropriate to the audience, whether oral or written
Ability to actively listen to what others are saying to achieve understanding, sharing information with others and facilitating the open exchange of ideas and information
Ability to establish courses of action for self to accomplish specific goals, develop and use tracking systems for monitoring own work progress, and effectively use resources such as time and information
Ability to make right decisions based on perceptive and analytical processes, practicing good judgment in gray areas
Additional Knowledge, Skills and Abilities
Knowledge within various layers of the OSI Reference Model
Knowledge of TCP/IP communications ports and protocols
Problem solving skills and ability to work under pressure
Organization and documentation skills
Additional Licenses and Certifications
ISC2 - Certified Information Systems Security Professional (CISSP) within 1 Year Or
Certification from an industry recognized professional organization
Northwest is an equal opportunity employer. We are committed to creating an inclusive environment for all employees.
The Information Security Engineer II is responsible for maintaining an enterprise information and systems security stance through policy, architecture and training processes. Monitoring, evaluating, and maintaining systems, procedures and policies to protect the data systems and databases from unauthorized users. Leading Information Security projects and critical initiatives. Leading collaboration with IT architects and engineers to design and implement security controls. Identifying potential threats and vulnerabilities related to information systems. Determining causes of security violations and recommends corrective actions to ensure data security. Assisting in communicating security procedures to users. Supporting compliance audit and vendor management initiatives. Promoting information security education and awareness. Providing leadership and working as part of a team. Working with on-premise and cloud based technology
Essential Functions
Light project management
Track and report information security key performance indicators (KPIs)
Design, implement, and monitor security measures for the protection of computer systems, networks, and information
Identify and define computer system security requirements
Collaborate with IT architects and engineers to design and implement security controls
Prepare and document standard operating procedures and protocols
Develop technical solutions and security tools to help mitigate security vulnerabilities and automating repeatable tasks
Configure and troubleshoot security infrastructure devices
Write comprehensive reports related to the enhancement of computer systems, networks, and information security
Act as a security technical adviser or analyst for initiatives to evaluate new technologies for program conformance
Test solutions effectively utilizing industry standard analysis criteria involving delivery of technical reports and formal papers on test findings
Conduct periodic infrastructure scans, penetration tests, simulations to expose weaknesses, etc. Analyzing and reporting resulting findings with recommendations to minimize risks
Additional Essential Functions
Ensure compliance with Northwest's policies and procedures, and Federal/State regulations
Navigate Microsoft Office Software, computer applications, and software specific to the department in order to maximize technology tools and gain efficiency
Work as part of a team
Work with on-site equipment
Additional Responsibilities
Perform other duties as assigned
Safety and Health for those without supervisory duties
Abide by the rules of the safety and loss prevention program
Perform work tasks in a safe manner
Report any and all injuries to supervisor
Know what to do in case of an emergency
QUALIFICATIONS
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Education
Bachelor's Degree in related field Or
(3) or more years of experience or an equivalent combination of education and related work experience
Work Experience
5 - 6 years Demonstrated work experience as a system, network, or information security engineer
5 - 6 years Hands-on designing, implementing, or administering technical security controls including firewalls, IDS/IPS systems, anti-malware, authentication systems, SIEM log management, content filtering, behavioral analytics, network monitoring, public key infrastructure
5 - 6 years Building and maintaining information security systems and frameworks
5 - 6 years Designing database, network, telephony, and operating system security architecture
5 - 6 years Thorough understanding of the latest security principles, techniques, and protocols
5 - 6 years Advanced understanding of cloud and web-related technologies (web applications, web services, service-oriented architectures) and of network/web-related protocols
5 - 6 years Configuring authentication mechanisms, system logging, group policy objects
5 - 6 years Supporting IT audit functions
5 - 6 years Performing digital forensics and related investigations
5 - 6 years Technical project management
General Employee Knowledge, Skills, and Abilities
Ability to establish effective working relationships among team members and participate in solving problems and making decisions
Ability to present and express ideas and information clearly and concisely in a manner appropriate to the audience, whether oral or written
Ability to actively listen to what others are saying to achieve understanding, sharing information with others and facilitating the open exchange of ideas and information
Ability to establish courses of action for self to accomplish specific goals, develop and use tracking systems for monitoring own work progress, and effectively use resources such as time and information
Ability to make right decisions based on perceptive and analytical processes, practicing good judgment in gray areas
Additional Knowledge, Skills and Abilities
Knowledge within various layers of the OSI Reference Model
Knowledge of TCP/IP communications ports and protocols
Problem solving skills and ability to work under pressure
Organization and documentation skills
Additional Licenses and Certifications
ISC2 - Certified Information Systems Security Professional (CISSP) within 1 Year Or
Certification from an industry recognized professional organization
Northwest is an equal opportunity employer. We are committed to creating an inclusive environment for all employees.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.