Information Security Engineer

Information Security Engineer 100% On Site (Atlanta, GA)

Skills required: Information Security process orientation for ISM
Years of experience: 6-8 years

• Roles and Responsibilities:

• Responsible for governance compliance with regulations and processes to protect the confidentiality, integrity, and availability of IT assets (information, data, and IT services) within the organization.
• Assess the quality of security controls using Global Cyber Security Goals and associated Key Performance Indicators (KPIs).
• Coordinate vulnerability assessments or analysis of information security systems.
• Identify potential vulnerabilities in services and applications
• Assessing threats, developing meaningful security measures, and testing their effectiveness
• Oversee the development of plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure or to meet emergency data processing needs.
• Support in the classification of information, D@Cloud and Application Recovery
• Coordination of security incidents
• Evaluate and integrate IAM technologies and tools, such as Single Sign-On (SSO), Multi-Factor Authentication (MFA), and Privileged Access Management (PAM).
• Knowledge, Skills & Abilities:
• Minimum of 7+ years of relevant work experience in IT
• Experience in many of the following areas:
• Knowledge of IT guidelines and corporate IT policies, IT standards, knowledge of IT organization (e.g., for escalation paths for non-standard requests)
• Experience with Identity and Access Management (IAM) tools and frameworks.
• In-depth knowledge of IT security, in particular firewalls, protocols, encryption, authentication and authorization, and secure system design and programming
• Overview of current threats, risks, information security techniques, and controls to mitigate them.
• Experience with incident management, problem management, and change management
• Experience with managing business stakeholders
• Working knowledge of NIST, Open Web Application Security Project (OWASP), and Open-Source Security Testing Methodology Manual (OSSTMM)
• Experience managing information technology projects or system activities by implementing software development life cycle (SDLC) with security quality gates
• Experience with Implementing security measures for computer or information systems.
• Overview of current threats, risks, information security techniques, and controls to mitigate them.
• Experience with providing technical guidance to other personnel
• Recommend changes to improve the security posture of computers or information systems.
• Experience supporting security in DevOps processes.
• Strong proficiency with common management frameworks, regulatory requirements, and industry-leading practices

Relevant certifications such as CISSP, CCSP, IAM-specific certifications are highly desirable.