Information Security Engineer II

Antivirus, Audit, Best practices, CISSP, Cloud security, Compliance, Cyber security, Data loss prevention, Engineering, Endpoint protection, Documentation, Disaster recovery, Forensics, Firewall, IPS, IT, Implementation, Incident management, Information security, Information systems, Intrusion detection, Investigation, Malware analysis, IDS, Networking, Network security, Monitoring, Policies and procedures, Recovery, Reporting, Risk assessment, Risk management, SIEM, Security, Security analysis, Security architecture, Security engineering, Service level, Software security, System security, Systems design, Systems engineering
Full Time
Depends on Experience
Travel not required

Job Description

ICW Group's Information Security team is seeking an Information Security Engineer to enforce our cybersecurity integrity. On premise and cloud security are of the utmost importance to this role which calls for a results driven mindset to drive our security posture into the future. The purpose of this job is to design secure architectures and develop cybersecurity approaches and techniques to evaluate the security of a system or network. The position exists to monitor and defend ICW Group’s technology against potential threats that jeopardize the financial growth and security goals of the company.

 ESSENTIAL DUTIES AND RESPONSIBILITIES 

Monitors and defends information systems against unauthorized access, modifications and/or destruction

  • Monitors networks and systems for security breaches, through the use of software that detects intrusions and anomalous system behavior and develops strategies to respond to and recover from a security breach. 
  • Leads security incident response, including preparation, detection, analysis, containment, eradication and recovery.
  • Researches and implements methods to remediate network and application security vulnerabilities.
  • Participates in security architecture controls reporting, compliance audits, monthly and ad-hoc statistics and trends, and risk-focused reports including internal and 3rd party Risk Assessments. 

Runs complex security related projects and resolves security related issues

  • Resolves complex security projects and issues. Develops a set of security standards to respond to and recover from a security breach.
  • Provides support by proposing solutions, coordinating implementation, and enforcing information systems security policies, standards, and methodologies.
  • Uses advanced technologies including Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls, SIEM, Antivirus, Network Packet Analyzers, Malware analysis and forensics tools to detect intrusions, breaches in compliance, etc.
  • Prepares and analyses system security reports by collecting, analyzing, and summarizing data and trends.
  • Maintains operational security posture for an information system or program to ensure information system security policies, standards, and procedures are established and followed. 

Serves as cyber security technical subject matter trainer and resource for the organization

  • Provides information security expertise to system development teams throughout the life cycle process.
  • Partners with systems engineering teams to ensure system design and implementation are consistent with company policies, requirements and directives.
  • Conducts information security risk assessments including documenting processes, service level agreements and best practices.
  • Develops the overall security design, development, testing and implementation of security solutions. Recommends compliance strategies that support customer requirements and alignment to company policy.
  • Ensures security quality, adherence to security guidelines, profitability, and information security related metrics for self and assigned projects. 

SUPERVISORY RESPONSIBILITIES

None                                                                                                                                                                                                                                                                          

EDUCATION AND EXPERIENCE

Bachelor's Degree from four-year college or university required with major or emphasis Engineering, Cybersecurity, Networking, or Computer Science related discipline. Minimum 6 years of experience working in a security engineering related role designing secure networks, systems and application architectures or equivalent combination of education and experience. Direct experience using advanced technologies such as Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls, SIEM, Antivirus software, Network Packet Analyzers, content filtering, Malware analysis and forensics tools to detect intrusions. Experience in cyber security role requiring knowledge of data analysis, risk assessment, risk mitigation, investigation methods, incident management concepts and practices, and policy and procedure development.

CERTIFICATES, LICENSES, REGISTRATIONS

Certification in GSEC, CISSP, and/or Security+ preferred.

KNOWLEDGE AND SKILLS

Knowledge of risk assessment tools, technologies and methodologies. Knowledge of disaster recovery, computer forensic tools, technologies and methods. Ability to communicate network security issues to peers and management. Ability to read and use the results of mobile code, malicious code, and anti-virus software. Strong understanding of endpoint security solutions to include File Integrity Monitoring and Data Loss Prevention. Ability to work with mathematical concepts such as probability and statistical inference. Ability to apply principles of logical or scientific thinking to a wide range of intellectual and practical problems.  Ability to combine disparate skills and thinking to craft solutions and solve complex operational problems.  Ability to hypothesize on root cause of inefficiencies and then test out probable solutions against those hypotheses. Ability to read, analyze, and interpret technical journals, financial reports, security analysis reports and other IT related documents.  Ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the business community.  Must be able to read, write and speak English effectively.

PHYSICAL REQUIREMENTS 

Office environment – no specific or unusual physical or environmental demands and employees are regularly required to sit, walk, stand, talk, and hear.  Employees are required to reach with hands and arms; stoop, kneel, crouch, or crawl.  Employees must occasionally lift and/or move up to 30 pounds.  Employees are required to have visual acuity and be capable of operating and viewing computers and other electronic devices for extended periods of time.

COMPETENCIES

This position maps to the Individual Contributor level.  Additional competencies required: None.

WORK ENVIRONMENT 

This position operates in an office environment and requires the frequent use of a computer, telephone, copier, and other standard office equipment.

Dice Id : 10123200
Position Id : 6839425
Originally Posted : 4 months ago
Have a Job? Post it