Security Engineer
Job description
The primary responsibility of the Information Systems Security Engineer position is to ensure the confidentiality, availability, and integrity of data, computer systems, and network devices by recommending, implementing, and utilizing security defense systems to reduce the opportunity for cyberattacks. This position serves as the entry-level role supporting the Senior Information Systems Security opening.
- Research and investigate the potential impact of new threats and exploits; conduct log analysis and other network forensic investigations
- Support security technologies and processes for scanning, testing, monitoring, and reporting
- Support the execution of security projects that improve detection and response capabilities
- Develop alerting and detection strategies to investigate any unusual behavior
- Develop new defensive techniques to recognize any changes in adversary techniques and tactics
- Conduct various network security scans and penetration tests to detect cybersecurity threats and identify weaknesses that may be exploited by malicious parties
- Play an active role in minimizing the negative impact if a security breach should occur; conduct a cooperative in-depth technical investigation on how the breach occurred to gain an understanding of the extent of the damage
- Support performing implementation analysis and technical risk assessments on systems to ensure conformity to current security standards and that operational support requirements are being met
- Support technical risk assessments and identify items requiring remediation, including firewalls, routers, switches, servers, AIX systems, and applications
- Support Information Security tools and infrastructure systems maintained by the Information Security Organization, including web filtering technology, IDS/IPS appliances, SIEM tools, antispam/antivirus systems, data leakage appliances, content screening servers, VPN systems, and firewalls
- Maintain knowledge of applicable rules, regulations, policies, laws, and guidelines; participate in the creation of effective security controls designed to promote adherence with applicable laws and accreditation agency requirements, seeking advice and guidance, as needed to ensure proper understanding
- Stay abreast of new developments in the field of technology and security by attending seminars/workshops, reading professional journals, and actively participating in professional organizations; integrate knowledge gained into current work practices
Requirements
- 2+ years of experience in an information systems security domain with a background in mobile device security, endpoint protection, wireless protection, vulnerability management, incident response & mitigation, threat research, and cyber intelligence analysis, or other cybersecurity domains
- Prior experience in a System Administration role supporting multiple platforms and applications
- Working knowledge of NIST, HITRUST, PCI, HIPAA, Security Rules, and associated common security frameworks
- Working knowledge of design, implementation, and maintenance of Local Area Networks, Microsoft Active Directory / GPO, Data Loss Prevention & Encryption Technologies, Vulnerability Management, Intrusion Detection Systems & Intrusion Prevention Systems, Linux Operating Systems, Windows Operating Systems, Communication Protocols, Multi-factor Authentication systems, Cloud Access Security Broker, Endpoint Detection & Response Technologies, and Security Information & Event Management Tools
- Ability to comprehend results of mobile code, malicious code, and anti-virus software
- Ability to support project plans, organize and monitor tasks, and produce quality results in a timely manner
- Ability to perform technical risk assessments and implement corrective actions regarding the safeguarding of information systems
- Ability to support complex information security tools and provide guidance to other technical staff on proper use of the tools
- Superior writing skills and the ability to communicate effectively, including the ability to communicate complex security issues to peers and management
- Strong critical thinking skills and the ability to solve problems as they arise
- Ability to perform research in order to determine industry standard products and solutions in response to security requirements
- A minimum of a Bachelor's Degree in Computer Science, Management Information Systems, or other relevant field AND a CompTIA Security or other relevant cybersecurity industry certification