Information Security Engineer
Location: Euless, Texas
We have an EXCITING new job opening for an Information Security Engineer to join our client’s headquarters in Euless, TX. This Information Security Engineer is a hands-on position which investigates, analyzes, and responds to suspicious behavior, attacks, and security breaches within the environments using a variety of cyber defense tools to identify and mitigate threats. Conducts vulnerability, security configuration, and/or penetration testing assessments of systems and networks and develops and implements solutions for addressing vulnerabilities, threats, and exploits. Enforcement and improvement of companies Enterprise Security Policy. Stays current with latest information security threats, exploits, trends, and intelligence.
- Ability to research and analyze the latest information security vulnerabilities, threats, exploits, trends and intelligence
- Maintenance and enforcement of Enterprise Wide Security Policies and related procedures
- Conducts routine vulnerability, security configuration, and/or penetration testing assessments and works closely with functional teams to remediate any issues while reporting on findings
- Monitors networks, systems, and applications for complex suspicious behavior (includes Insider Threat), attacks, impersonation, and security breaches.
- Management of all of our security monitoring, prevention, and remediation systems including but not limited to Email including PII/DLP, Endpoint protection, unstructured file system security, SIEM, IPS/IDS, patch / security management, cloud and related.
- Responds to cyber incidents, performing detailed analysis using and/or recommending security tools to determine root cause. Has to use knowledge, understanding, and experience of disparate skills (e.g. networking, servers, coding, etc.) to figure out the malicious actor's tactics, techniques and procedures.
- Conducts basic forensic analysis of compromised systems with supervision.
- Uses the discoveries from the incident response process to make moderately complex improvements to the existing detection capabilities and security controls.
- Prepares reports including recommendations to leadership on latest threats, alerts, and incidents.
- Work is completed independently. Serves as a resource to team members on escalated issues of an unusual nature.
- 3-5 years of experience in a dedicated Information Security role to include accountability for complex tasks and/or projects
- Experience establishing and maintaining a corporate security policy, testing and remediating threats to the organization, and able to work across a wide range of technologies to aid in protecting the environment
- Experience in the technology and process of vulnerability and security configuration assessment and scanning
- In-depth knowledge and expertise around PCI Compliance Standard
- Experience researching emerging cyber threats to understand and present hacker methods and tactics, system vulnerabilities, and indicators of compromise
- Very familiar with ISACA / COBIT / SOX Controls as well as Security best practices
- Well versed and experienced in core security applications and systems
- Experience in system administration, scripting, and automation
- Multiple years’ experience with influencing security principles, methodologies, and creating controls for new and emerging technology
- Proven experience successfully managing large projects
- Experience with public cloud and container technology including AWS and Azure
- Must possess ability to work in a fast-paced environment, have great attention to detail, and manage multiple initiatives with ease
- Proven Past experience in developing a company security program including MSP augmentation and testing
- Must have Bachelor’s Degree in Information Security or related
- CISM or CISSP preferred, but not required
**To view all of our open positions, please visit: http://www.alleareconsulting.com/job-openings