IT Security Engineer
Classification
Exempt
Reports to
IT Enterprise Architect
JOB DESCRIPTION
Summary/Objective
The IT Security Engineer reports to the Information Security Manager and exhibits a passion for championing the corporate security goals along with the desire to promote security best practices. This role is responsible for performing all functions required to lead and support day-to-day security operations; maintaining the network and system components that comprise the infrastructure; being accountable for the confidentiality, availability, and integrity of endpoint devices; monitoring compliance with IT security policy and regulatory compliance requirements; and managing security events and incidents.
Essential Functions
- Monitor, respond to, and advise on information security issues related to any corporate-owned devices to ensure security controls in place are appropriate and operating as intended
- Lead/coordinate response to information security incidents and exercise independent judgement in the investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches
- Ability to analyze systems and conduct activities within the SDLC framework
- Architect, design, implement, maintain and operate information system security controls and countermeasures
- Develop and publish information security policies, procedures, standards and/or guidelines based on best-practices and applicable security requirements
- Collaborate with IT leadership, legal department, and law enforcement agencies as necessary, to manage security vulnerabilities
- Consistently exhibit and support a “customer first” attitude by providing best-practice security solutions that meet the needs of the business
- Encourage a collaborative and positive environment for security awareness and education
- Conduct security research to gain a better understanding of the enterprise threat landscape and keep abreast of the latest security issues
- Conduct enterprise security audits, define remediation plans, and manage threats within the acceptable risk tolerance range
- Perform static and dynamic source code analysis, applying the required activities, techniques, and methodologies and utilizing the various security-related tools and/or programs
- Ability to secure the network perimeter through the operation of the firewall, virtual private networks (VPNs), intrusion detection system/intrusion prevention system (IDS/IPS), network access control (NAC), data loss prevention (DLP) and enterprise anti-virus solutions
- Provide security expertise as a representative of the business by analyzing business needs and recommending solutions
- Knowledge and practice of risk assessment tools, technologies and methods
- Experience designing secure networks, systems and application architectures
- Knowledge of disaster recovery, computer forensics tools, technologies and methods
- Ability to communicate security issues to peers and management
- Ability to read and use the results of mobile code, malicious code, and anti-virus software or other vulnerability solutions
Competencies
- Attention to Detail: Taking responsibility for a thorough and detailed method of working.
- Teamwork: Working as a productive member of a cohesive group toward a common goal, and contributing to team development and effective team dynamics.
- Usage of Technical Expertise: Acquiring and applying technical and functional knowledge in one's own technological area of specialty.
- Problem Solving: Having the ability to identify problems and issues of varying complexities and to find effective solutions with few guidelines.
- Written Communication: Expressing ideas and opinions clearly in properly structured, well-organized, and grammatically correct reports or documents; utilizing language and terminology.
Supervisory Responsibility
This position has no supervisory responsibilities.
Work Environment
This job operates in a professional office environment. This role routinely uses standard office equipment such as computers, phones, photocopiers, filing cabinets and fax machines.
Physical Demands
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job.
Must be able to sit for long periods. Must have reliable transportation. Must be able to drive.
Position Type/Expected Hours of Work
This is a full-time position. Days and hours of work are Monday through Friday, 8:00 a.m. to 5:00 p.m.
Travel
0% - 10%
Required Education and Experience
- High School diploma or GED
Preferred Education and Experience
- Bachelor’s Degree
- Able to operate independently, with little to no supervision, while performing job duties
- Advanced understanding of firewalls (functionality and maintenance), switches, routers, email gateway and DLP, IPS/IDS, anti-virus/malware, vulnerability scanning, VSX and Endpoint security solutions, system event and system monitoring solutions, and security-related systems
- Advanced understanding of cloud architecture and cloud security practices
- Advanced understanding of and practical experience with protecting data at rest, data in motion and data at endpoint concepts
- Knowledge of Security Profiling and Threat models
- Familiarity with cryptographic algorithms and libraries
- Advanced understanding of network protocols, ports, and services
- Advanced understanding of operating systems and related components
- Advanced understanding of applicable compliance, legal, state regulations and/or other security-related requirements
- Highly responsive and proven professionalism in communication, interpersonal, analytical, and organizational skills
- Ability to work in a team environment under pressure in dealing with security incidents
- Ability to maintain in-depth knowledge and networking infrastructure utilized by the company, including the management and reporting of each
Additional Eligibility Qualifications (Knowledge, Skills, Abilities)
- CompTIA Security+
- Security Associate of (ISC)²
- Certified Information Systems Security Professional (CISSP)
- Certified Security Analyst (CSA)
AAP/EEO Statement
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Other Duties
Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.