The Security Engineer is responsible for implementing proactive and responsive improvements in information security. The Security Engineer should understand common security controls and requirements as well as be able to "think like a hacker" and then be able to participate in researching, developing, and implementing solutions. Typical tasks include setting up new security rules and alerts, creating and administering vulnerability scanning programs, and implementing and managing new security tools, processes, and procedures.
Install security measures and operate software to monitor, analyze, and maintain systems and procedures to safeguard information systems, networks, databases, and external services Install security measures and operate software to identify potential security breaches and intrusions Utilize "red teaming" and adversarial tactics against information systems, networks, databases, and external services to discover vulnerabilities and weaknesses Implement vulnerability discovery tools and assist and monitor remediation efforts Recommend, implement, and work with other teams to make changes and instill best practices to enhance security
Respond to alerts from information security tools and other sources Report, investigate, and assist in the resolution of security incidents Oversee internal or external systems security (i.e., cloud services) Participate in internal and external information security audits Design and develop security controls and work with other teams to ensure compliance with regulations, privacy laws, and audit requirements
Be a subject matter expert for the company on IT security-related events, news, and issues Maintain safety, security, and privacy standards throughout all areas of responsibility.
Solid technical understanding of wide range of security technologies, protocols, and standards (e.g., Active Directory, multi-factor authentication, networking, DNS, etc.)
Solid technical understanding of weaknesses, vulnerabilities, and exploit techniques Awareness of security trends and developments
Implementing/managing security tools (SIEM, vulnerability scanning, anti-virus, EDR, etc.) Systems administration Red teaming Vulnerability analysis and management Programming/scripting
Ability to work in a team environment Ability to communicate information and ideas, both verbally and in writing, so others will understand Ability to thrive in dynamic, fast-paced software development environment
Proactive, detail-oriented professional Ability to establish priorities, work in independent and team situations, and proceed with objectives as needed Ability to work with all levels within the organization Flexibility to adjust to changing priorities and simultaneously work on high visibility projects to assure completion Ability to take a practical business-focused approach to IT Security
Other Essential Requirements
|