ICW Group's Information Security team is seeking an Information Security Engineer to enforce our cybersecurity integrity. On premise and cloud security are of the utmost importance to this role which calls for a results driven mindset to drive our security posture into the future. The purpose of this job is to design secure architectures and develop cybersecurity approaches and techniques to evaluate the security of a system or network. The position exists to monitor and defend ICW Group’s technology against potential threats that jeopardize the financial growth and security goals of the company.
ESSENTIAL DUTIES AND RESPONSIBILITIES
Monitors and defends information systems against unauthorized access, modifications and/or destruction
Runs complex security related projects and resolves security related issues
Serves as cyber security technical subject matter trainer and resource for the organization
EDUCATION AND EXPERIENCE
Bachelor's Degree from four-year college or university required with major or emphasis Engineering, Cybersecurity, Networking, or Computer Science related discipline. Minimum 6 years of experience working in a security engineering related role designing secure networks, systems and application architectures or equivalent combination of education and experience. Direct experience using advanced technologies such as Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls, SIEM, Antivirus software, Network Packet Analyzers, content filtering, Malware analysis and forensics tools to detect intrusions. Experience in cyber security role requiring knowledge of data analysis, risk assessment, risk mitigation, investigation methods, incident management concepts and practices, and policy and procedure development.
CERTIFICATES, LICENSES, REGISTRATIONS
Certification in GSEC, CISSP, and/or Security+ preferred.
KNOWLEDGE AND SKILLS
Knowledge of risk assessment tools, technologies and methodologies. Knowledge of disaster recovery, computer forensic tools, technologies and methods. Ability to communicate network security issues to peers and management. Ability to read and use the results of mobile code, malicious code, and anti-virus software. Strong understanding of endpoint security solutions to include File Integrity Monitoring and Data Loss Prevention. Ability to work with mathematical concepts such as probability and statistical inference. Ability to apply principles of logical or scientific thinking to a wide range of intellectual and practical problems. Ability to combine disparate skills and thinking to craft solutions and solve complex operational problems. Ability to hypothesize on root cause of inefficiencies and then test out probable solutions against those hypotheses. Ability to read, analyze, and interpret technical journals, financial reports, security analysis reports and other IT related documents. Ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the business community. Must be able to read, write and speak English effectively.
Office environment – no specific or unusual physical or environmental demands and employees are regularly required to sit, walk, stand, talk, and hear. Employees are required to reach with hands and arms; stoop, kneel, crouch, or crawl. Employees must occasionally lift and/or move up to 30 pounds. Employees are required to have visual acuity and be capable of operating and viewing computers and other electronic devices for extended periods of time.
This position maps to the Individual Contributor level. Additional competencies required: None.
This position operates in an office environment and requires the frequent use of a computer, telephone, copier, and other standard office equipment.