Information Security Eng 3 (5-yr fixed-term)
Role details
Job location
Tech stack
Job description
The Information Security Engineer 3 is a career level, professional role that is a seasoned security technical leader for the organization. This role positively influences colleagues beyond the Information Security Division and regularly contributes to the strategic vision of Information Security practices, ICS and the Church under limited supervision. This position works to improve and maintain security infrastructure, establish best practices and follow Church policies. This position evaluates and helps select methods and techniques for designing, defining, developing, testing, implementing and analyzing a variety of technical products and systems. This role ensures that information security controls are properly implemented, monitored and maintained to protect organizational data and systems. This position assists the business in defining objectives, processes and measurements. This is an individual contributor role.
The incumbent will plan and execute security tasks in support of areas of coordination between information security, legal, audit, physical security, and other functions. Though the incumbent will, when needed, coordinate with our information security operations and incident response teams, this role is not focused on 24/7 cyber alerting, investigation, and response.
This individual works with divine guidance to provide or support technology that furthers the mission of the Church and reflects the eternal impact of the gospel.
We value early, mid and late-career candidates and encourage all applicants with the posted skills and abilities to apply.
Execute established security practices with consistency and discipline and continually look for ways to improve practices
Act as a technical lead for high-profile or high-risk incidents or investigations and consultations with affiliated Church entities
Oversee and mentor junior Information Security Engineers and/or interns
Direct the development of standard practices and tools within areas of expertise
Collaborate with engineers in other groups to implement standardized practices and follow routine process to promote secure systems
Participate in the development and refinement of Information Security programs
Participate in the evaluation, selection, testing and implementation of security-focused products and services
Develop and maintain documentation for security systems and procedures
Requirements
- Bachelor's degree in related field or equivalent professional experience
- Five years of experience in security, privacy, business continuity, compliance or related area
- Two years of demonstrable expertise and skills in the following areas: Attacker tactics for both enterprise and web systems, cyber threat intelligence, incident handling, continuous monitoring, intrusion detection, advanced network forensics, host forensics and malware analysis
- Proven ability to successfully lead a highly technical team and design and implement security controls that meet business operational needs
- Demonstrated ability to understand IT risk and effect change through indirect influence across workgroups or business units
- Familiarity with programming and scripting
- Excellent professional written and oral communication skills
- This job operates in a professional office environment
- To successfully perform the essential functions of the job there may be physical requirements which need to be met such as sitting for long periods of time and using computer monitors/equipment
Preferred:
- Relevant security certification from one or more of the following or equivalent certifying authorities: GIAC, CompTIA, ISC2, EC-Council, etc.
