Information Security Engineer Job Description
Information security engineer
provides the strong assistance on overall aspects of Information Security, IT Governance, IT Risk, IT Audit and IT Compliance.
Information Security Engineer Duties & Responsibilities
To write an effective information security engineer job description, begin by listing detailed duties, responsibilities and expectations. We have included information security engineer job description templates that you can modify and use.
Sample responsibilities for this position include:
Set policies & best security practices for IT, Infrastructure, and other internal organizations and third party integrations
Stay current on common and emerging attack vectors the best tools and practices for thwarting them
Work directly with internal IT staff and customer to establish and enforce IT security best practices, protection objectives, process improvements and effective IT security controls
Evaluation of new and existing security technologies
Lead security education across the organization
Participate in incident response, and forensics collection and analysis
Coordinate resolution of security issues with other Engineering and IT teams
Perform independent assignments in the troubleshooting, problem diagnosis, problem resolution and ongoing production support for for security tools (APT, SIEM, Web Filtering)
Lead Information Security specific projects such as network redesign, Active Directory redesign, Network Access Control, This includes filling out all required project artifacts, attending project review meetings and transitioning of knowledge to support teams
Utilizes software and hardware tools, identifies and diagnoses problems affecting information security tools and systems providing 2nd and 3rd tier operational support
Information Security Engineer Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Information Security Engineer
List any licenses or certifications required by the position: CISSP, GIAC, CISM, CISA, SANS, CEH, DAMI, CCNA, SSL, ISC2
Education for Information Security Engineer
Typically a job would require a certain level of education.
Employers hiring for the information security engineer job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Master's Degree in Computer Science, Information Security, Engineering, Information Technology, Technical, Technology, Science, Management, Information Assurance, Computer
Skills for Information Security Engineer
Desired skills for information security engineer include:
Firewalls
Security technologies
DNS
Governance
Windows
Asset management
IT audit and control
IT standards
Technical writing/documentation
Practices
Desired experience for information security engineer includes:
Minimum two (2) years of experience in Information Security
Minimum two (2) years of experience with TCP-based networking
Bachelor’s Degree in Information Security or Computer Science, or an equivalent combination of education and experience
Understanding of ethical hacking techniques, and digital forensics
Understanding of TCP/IP and related network protocols and services
Must have strong incident handling experience including knowledge of common attack methods, vulnerabilities and remediation
Information Security Engineer Examples
1
Information Security Engineer Job Description
Job Description Example
Our company is growing rapidly and is looking for an information security engineer. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for information security engineer
- Set policy & best security practices for IT, Operations, partners and 3rd party integrations
- Monitor and analyze security alerts / logs and information
- Recommends adjustments to network security devices such as IDS/IPS, proxy servers, NGFWs, depending on incident
- Provide daily, ongoing security oversight of assigned systems, to include the security impact of proposed modifications, additions, and technology refresh evolutions
- Thoroughly understand the administration of critical server infrastructure, including stand-alone and virtual servers, server backup and recovery, and platforms such as file servers and web servers
- Ensure implementation of Information Security (IS) across SHPL
- Establish and improve the process of Information Security
- Measure IS performance and generate IS Reports on regular basis
- Conduct, participate and track IS internal and external audits on regular basis
- Track IS issues, meeting actions
Qualifications for information security engineer
- Incident response – monitor, detect, respond
- Candidate should have excellent verbal and technical writing skills, the ability to effectively convey information security concepts and requirements to a non-technical audience, including both internal and client-facing engagements
- Serves as the primary liaison between Information Security and Legal ensuring efficient, secure data collection and evidence from various sources required for litigation or investigation
- Conducts technical or business analysis and resolves system/user problems in order to maintain efficient operations
- Working closely within a team on data loss protection monitoring and engineering
- Practical experience with the following principles
2
Information Security Engineer Job Description
Job Description Example
Our innovative and growing company is hiring for an information security engineer. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for information security engineer
- Resolve routine problems with direction from Senior Security Engineers
- Ensure access to all information systems is controlled, both internally and externally, commensurate with the level of potential risk
- Participate in incident response and forensics
- Collaborate with other teams inside of Yelp to deploy new security-related tools and processes across the organization
- Analyze, design, install, implement, and administer information security services including, but not limited to, network monitoring, data loss prevention, SIEMs, Vulnerability Management Solutions, IDS/IPS, Endpoint Security Solutions, Cloud Security and MDM, PenTests / Application audit initiatives
- Participate, review, advise, and design information security into the fabric of critical enterprise projects, processes, and business partner teams
- Demonstrate your knowledge of Information Security to all staff in our enterprise-wide Information Security Awareness Campaign
- In the event of an incident or investigation, you may be called upon to lead or assist in the identification of malicious actors, preserve evidence, and advise as a subject matter expert to internal staff
- Engineer Information Security also perform analysis of log files
- Performs automated and manual vulnerability assessments to gauge the organization against regulatory and internal policy compliance
Qualifications for information security engineer
- Ability to earn the trust and respect of colleagues both in and outside of the Information Security team
- Excellent communication (both written and verbal) and teamwork skills
- Demonstrated critical thinking capabilities, especially under pressure
- Proven ability to maintain a high level of discretion and personal integrity in the exercise of duties, including the ability to professionally address confidential matters
- Knowledge of industry frameworks related to information security
- Scripting and development experience including Python, Perl, C, C++
3
Information Security Engineer Job Description
Job Description Example
Our company is growing rapidly and is hiring for an information security engineer. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for information security engineer
- Manage enterprise high-availability firewalls running a *nix based operating system, including system updates, log analysis, access controls and backup
- Define security requirements and review systems to determine if they have been designed to comply with established security standards
- Operational 2rd line support of security tools and infrastructure
- 2nd level operational support includes, responding to alerts, troubleshooting, root cause analysis and problem resolution to meet customer and SLA needs
- Research Net Defense (NetD) to determine the necessity for deeper analysis and conduct an initial assessment of type and extent of intruder activates
- Track trends of authorized and unauthorized activity
- Correlate unusual and suspicious network activity across AFCENT
- Provide an overall site-analysis profile to serve as a benchmark to identify unusual or suspicious activity
- Update incoming crews on the latest suspicious traffic identified during previous shift
- Provide focused NetD, tailored analysis and monitoring operations of specified sensor locations during contingency operations and in support of named NetD operations and exercises
Qualifications for information security engineer
- Experience in HIPAA Security and Privacy regulations
- Ability to work global hours when necessary, including U.S
- SANS GIAC certifications preferred but not required
- Proven work experience as Information Security engineer
- Experience in Information Security tools including logging and monitoring tools
- DoDD 8570.01-M, or successor DoD 8140.01 IAT Level II Certification
4
Information Security Engineer Job Description
Job Description Example
Our growing company is looking to fill the role of information security engineer. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for information security engineer
- Experience managing log sources, log types, and automating processing/parsing
- Lead logging enrollments from multi-tier applications into the enterprise logging platforms
- Develop specific content necessary to implement Security Use Cases and transform into correlation queries, templates, reports, rules, alerts, dashboards, and workflow
- Engineer, configure and deploy Enterprise SIEM/SEM solutions
- Engineers, configures, deploys, and maintains DAM, FIM and WAF solutions
- Develop automation for security tools management
- Collaborate with key stakeholders within GIS and Cyber Security to develop specific use cases to address specific business needs
- Five years experience as an information security engineer working in a fast paced, large enterprise environment
- Ensure adherence to information security policies, procedures and standards
- Develop, implement and monitor information security controls based on security industry frameworks
Qualifications for information security engineer
- Direct knowledge of directory services and networking infrastructures
- At least one security related certifications CISSP, CISM, CEH
- Experience in design and engineering of security solutions is important
- Expertise with the accreditation process, such as DIACAP, with knowledge of NIST 800.53
- Exemplarily interpersonal skills necessary to interact effectively with team members, project managers , developers, engineers, vendors, users and business analysts executive and senior management
- Security certification such as SANS/GIAC, CISSP, CISA, CISM, CEH, required
5
Information Security Engineer Job Description
Job Description Example
Our company is growing rapidly and is searching for experienced candidates for the position of information security engineer. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for information security engineer
- Submit comprehensive reports, including assessment-based findings, outcomes and proposals for further system security enhancement
- Make recommendations on appropriate personnel, physical and technical security controls
- Document policies and operating procedures
- Certifies that IT systems meet predetermined security requirements
- 5 years related information security experience
- This person will be taking a list of observations or issues that have already been identified (about 1,000 right now) and acting and removing as many of these as possible
- They will also be looking for ways to measure that outcome of the issue being fixed, figuring out what the certain costs to certain decisions are if they do fix the issue or if they don't fix the issue, measure of cost savings, we fix something we save some money, or what other outcomes, does this remediate risk, does this make this system more efficient
- Once they have identified the issue and prioritized it and figured out who needs to fix it they will then get with the team that is responsible for fixing it and provide them the data on why it needs to be fixed
- Provide Mitigation and Remediation recommendations in support of the RMF process for various control systems as required
- Conduct in-depth analysis of IV&V, A&A, and functional/operational test results for accuracy, compliance, adherence to DoD and Federal IA technical and operational security requirements
Qualifications for information security engineer
- Excel automations macro programming, function writing
- BS/MS in Computer Science/Information Security or BS/MS and relevant experience in Information Security
- Must be familiar with security software products used in distributed computing environments
- Demonstrated critical, independent thinking
- Demonstrated ability to work with cross-functional and matrixed teams
- Basic budgeting, accounting and financial skills preferred