Senior Information Security Engineer

Position Summary

• Security engineering (Tier 3) focuses on translating business requirements into technical specifications, then designing and coordinating the building and implementation of security solutions. As a member of the [Company] Security Infrastructure Security Engineering team, this position oversees design and engineering of all security technologies centric to Servers, Endpoints & Mobile Workforce Security. These areas include but are not limited to, antivirus, host based intrusion detection systems (HIDS), endpoint firewall systems, disk encryption solutions, data loss prevention systems, file integrity monitoring systems, white listing technologies, and mobile device security hardening & configuration control systems.

Reporting to the Manager, Infrastructure Security Engineering, this position is responsible for:

• Performs engineering and architectural design reviews, project proposals, and Annual Operating Plan review sessions.
• Support operational implementation requirements for Mergers and Acquisitions ensuring compliance with Information Technology Policy, standards, and guidelines, and recommends design changes to the environment.
• Supports enterprise architecture road maps and ensures that security technologies are aligned in a qualitative, timely, and cost efficient way.
• Keep up with evolving risks, new developments in the security industry, and industry best practices in risk management techniques. Investigating opportunities to improve system capabilities based on observed risks or gaps.
• Ensuring timely reporting & remediation of security control gaps and vulnerabilities to the environment.
• Collaborate with Incident Response and Threat Intelligence teams to ensure security controls are optimized to adequately detect, prevent and enable response to current and future threats.

Minimum Qualifications

Education Requirements:

• Bachelors or equivalent experience; preferred Bachelor’s degree in Computer Science, Management Information Systems, Engineering, Mathematics or other related field.

Experience Requirements:

• Typically requires a minimum of 5 years of related experience.

Desired Qualifications:

• High aptitude for troubleshooting, with a background in enterprise IT operations (network, Wintel server, Unix server, desktop, applications, security) a plus.
• Experience working in a network security environment, such as a Security Operations Center (SOC), Security Incident Response Team (SIRT), or Computer Security Incident Response Center (CSIRC) investigating targeted intrusions through complex global network segments, preferred.

One or more of the following certification designations is preferred:

• GIAC Certified Intrusion Analyst – GCIA
• GIAC Certified Incident Handler - GCIH
• GIAC Certified Forensic Examiner - GCFE
• GIAC Certified Forensic Analyst - GCFA
• Certified Information Systems Security Professional - CISSP
• Other Technical Certifications considered
• U.S. Government Security Clearance, and/or capability to obtain clearance, preferred.