| Position Overview|
|Responsible for continuously protecting critical information assets and brand name, assuring compliance with corporate and regulatory policies/standards & industry best practices, while enhancing and enabling business initiatives. Information Security Engineers are responsible for providing technical guidance focused on information security architecture, including all security R&D, analysis, and design.|
|Primary Responsibilities & Accountabilities|
- Access, analyze, consult and document security requirements for all information systems, which may include applications, 3rd party providers, mainframes, servers, wireless, telecom, LAN/WAN, and databases.
- Determine security requirements by evaluating strategies and requirements, researching information security standards, conducting system security and vulnerability analyses and risk assessments, and studying architecture/ platform.
- Implement security systems by specifying intrusion detection methodologies and equipment, directing equipment and software installation and calibration, preparing preventive and reactive measures, providing technical support and completing documentation.
- Provide defensive security services, specializing in the development and continuous tuning of components of the company’s defensive and detection infrastructure.
- Perform risk identification and mitigation.
- Assemble risk scenarios to estimate likelihood and impact of significant risks to the organization.
- Performs other job-related duties as assigned.
| Minimum Qualifications|
- Bachelor's Degree or 4 years additional relevant work experience with focus in Computer science, information systems or other related field.
- 10+ years experience in related field
- 5 +years working with diverse security infrastructure including firewalls, IDS/IPS, secure web gateways, endpoint security, vulnerability scanners, SIEM and DLP.
- Bachelor's Degree in computer science, information systems or other related field.
| Required Behaviors|
- Lives the Values by embracing the essence of the company demonstrating a commitment to the company’s goal and values.
- Unifies and motivates team through praise and recognition of success with immediate feedback to build an environment of trust.
- Business-driven showing passion for the business, delivering results consistently.
- Customer-orientated by passionately demonstrating that the customer comes first… always by putting the customer’s needs above all else.
- People Passion through consistently treating others with respect and dignity.
| Knowledge, Skills, Abilities|
- Strong presentation skills, with the ability to articulate business case for information security solutions, and to effectively convey complex and detailed technical information in a clear, concise manner.
- Knowledge of compliance standards and information security industry best practices.
- Knowledge and experience with UNIX, Windows and Network Security.
- Working knowledge of security frameworks such as NIST 800-53, ISO 27002 and SANS Critical Controls.
- Currently holds industry standard certifications such as CISSP, CCIE, CeH and GIAC.
- Detailed knowledge of vendor solutions.
- Experience delivering IT Strategy and Transformation, Data Strategy, Governance, and IT Risk Management.
- Detailed understanding of a continuous monitoring program.
- Red Team experience.