Information Security Engineer

Description

Primary Duties and Responsibilities (details of the basic job functions) Provides senior level support to the information security team and closely works with the other members of the team to develop and implement a comprehensive information security program, including defining security policies, processes and standards. Works with the IT department to select and deploy technical controls to meet specific security requirements and defines processes and standards to ensure that security configurations are maintained. Provides support and oversight to security standards to ensure boundary control, integrity of information and security monitoring technologies are reducing risk for ACG enterprise. Closely works with Directory of Enterprise Information Security and senior leadership teams to ensure security for ACG information. Develops a common set of security tools/controls, defines operational parameters and analyzes tool output. Provides oversight to security staff on deploying tuning and running vulnerability scanning and penetration testing tools. Provides support to the coordination and remediation required by Audit and keeps current on existing and proposed securitystandardsetting, state and federal legislation and regulations pertaining to information security. Preferred Qualifications Extensive experience managing and utilizing Carbon Black Response for threat hunting is desired.Conducting penetration tests and vulnerability assessments on information systems and infrastructure.Arcsight SIEM Experience a plusRequired Qualifications (these are the minimum requirements to qualify) Bachelor and/or Masters degree in Computer Science, Information Systems, Business Administration and/or equivalent security certification (CISSP, SSCP, GIAC, CEH, etc). Strong analytical skills to analyze security requirements and relate them to appropriate security controls. Extensive experience in/with Reporting unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes.Assisting and training team members in the use of security tools, the preparation of security reports and the resolution of security issues.Developing and maintaining documentation for security systems and procedures.Responding to security incidents and resolving and/or escalating reported incidents as appropriateMonitoring system logs, SIEM, DLP tools and network traffic for unusual or suspicious activity and interprets these activity, making recommendations for resolution.Investigating and resolving security violations by providing post event analysis to illuminate the issues and possible solutions.Implementing and/or coordinating remediation required by audits, and document exceptions as necessary.Performing system and application vulnerability testing. .Conducting penetration tests and vulnerability assessments on information systems and infrastructure.Performing system and application vulnerability testing.Researching threats and vulnerabilities and where appropriate, taking action to mitigate these issues.Conducting penetration tests and vulnerability assessments on information systems and infrastructure.Supporting information security architectural requirements.Developing a common set of security tools defining operational parameters for their use and conducting reviews of tool output.Working with/mentoring less experienced staff on deploying, tuning and running vulnerabilityscanning and penetrationtesting tools.Providing second and thirdlevel support and analysis during and after a security incident.Participating in security investigations and compliance reviews, as requested by internal or external auditors.Maintaining an awareness of existing and proposed securitystandardsetting groups, state and federal legislation and regulations pertaining to information security.Participating in the enterprise architecture (EA) community, and providing strategic guidance during the EA process.Researching, evaluating, designing, testing, recommending and planning the implementation of new or updated information security technologies. Excellent technical knowledge ofMainstream operating systems [for example, Microsoft Windows and Red Hat Linux] and a wide range of security technologies, such as network security appliances, identity and access management (IAM) systems, antimalware solutions,endpoint detection and response, automated policy compliance tools, and desktop security tools.Working knowledge of Network security technologies (e.g. SIEM, DLP, Firewalls, IDS, IPS, WAF, Database Monitoring, File Integrity Monitoring, application proxies and routing and switching fundamentalsInformation security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management.Network infrastructure, including routers, switches, firewalls, and the associated TCP/IP network protocols and concepts.Regulatory requirements such as PCI, FFIEC and GrammLeachBliley ActCurrent systems' software, protocols and standards Excellent presentation, persuasion, written and interpersonal skills to include procedure and technical material, report/proposal preparation and oral presentation. Ability to Contribute and collaborate as a lead member of a teamWork under stress in emergencies, with the flexibility to handle multiple highpressure situations simultaneouslyWork proactively and independently