Description
Position Description:
The Security Engineer assists the Information Security Team by supporting the company's Security staff in their efforts to protect all systems. This position will be responsible for developing and maturing projects around technical security controls, penetration testing, and incident response.
Minimum Experience:
- Bachelor's Degree in Information Systems, Technology or related field.
- Minimum of seven (7) years of progressively responsible security, systems and networking experience in a large scale environment.
- Three (3) to five (5) years of experience conducting penetration tests.
- Experience implementing and managing Data Loss Prevention products.
- Experience implementing vulnerability scanning solutions.
- Experience conducting penetration tests.
- Experience in complex infrastructures and organizations.
- Working knowledge of security technologies such as IPS, Firewalls, AV, MFA, and encryption.
- Experience leading technical projects.
- Strong knowledge of Windows environments.
- Strong knowledge of networking.
- Familiarity with the NIST, PCI, HIPAA and CJIS.
- Familiarity with Symantec and Cisco security products.
- Ability to handle multiple projects under tight deadlines.
Roles and Responsibilities:
- Work closely with other departments in the research, implementation, and upgrade of security tools such as DLP, MFA and AV.
- Identifies security risks through penetration tests, vulnerability scans and infrastructure reviews, then works with the affected teams to identify and implement controls to address risk.
- Analyzes security products to identify solutions that meet organization requirements and reduce security risk.
- Works with Security Analysts and Security Shared Service provider to respond to security incidents.
- Assist other departments in troubleshooting technical issues relating to security.
- Assists Security Analysts with conducting vulnerability scans and interpreting results.
- Provides technical expertise to the rest of the Security team.
- Assists in the creation of security related policies, standards and procedures.