Security Engineer Information Security Job Description
Security engineer information security
provides expert level leadership across the enterprise in all areas of application security, including: application architecture, secure coding, developer training, application security testing and treat protection.
Security Engineer Information Security Duties & Responsibilities
To write an effective security engineer information security job description, begin by listing detailed duties, responsibilities and expectations. We have included security engineer information security job description templates that you can modify and use.
Sample responsibilities for this position include:
Implement and operationalize Information Security Incident Response tools and program
Review and updated Information Security documentation, POAM, Scans, STIGs, SSAA, SRTM
Identify, acquire, analyze, test, and implement Information Assurance Vulnerability Alerts and Security Technical Implementation Guidelines in order to maintain proper security posture for a cleared system
Provide expert information security consulting to project teams needing guidance beyond the frameworks and standards
Conduct forensic investigations maintaining chain of custody as appropriate
Safeguard information system assets by identifying and solving potential and actual security problems
Recognize problems by identifying abnormalities
Participate in and lead internal audits, in cooperation with the Information Security Office
Perform security risk assessment and mitigation
Develop and deliver educational information to system administrators and users
Security Engineer Information Security Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Security Engineer Information Security
List any licenses or certifications required by the position: CISSP, GIAC, CISM, CISA, SANS, CEH, DAMI, CCNA, SSL, ISC2
Education for Security Engineer Information Security
Typically a job would require a certain level of education.
Employers hiring for the security engineer information security job most commonly would prefer for their future employee to have a relevant degree such as Bachelor's and Collage Degree in Computer Science, Engineering, Information Security, Information Technology, Technical, Technology, Science, Management, Information Systems, Computer
Skills for Security Engineer Information Security
Desired skills for security engineer information security include:
Routers
Secure coding
VPN
Antivirus
Application layer security
Application security
Ethical hacking
Next generation firewalls
Ports
Protocols and services
Desired experience for security engineer information security includes:
Experience scripting and/or programming (shell, ruby, python, perl, java, c)
Experience in one (1) or more information security domain is required
At least 3 years of development and/or testing experience
At least 1 years of experience in penetration testing of mobile applications
Mandatory experience and expertise in Web Application Penetration testing
Experience in penetration testing of firmware, network, devices a plus
Security Engineer Information Security Examples
1
Security Engineer Information Security Job Description
Job Description Example
Our growing company is looking to fill the role of security engineer information security. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for security engineer information security
- Executes security controls, defenses and countermeasures to intercept and prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems
- Monitors systems to ensure adherence to security policies
- Assist in the production and tracking of metrics for the effectiveness and maturity of security processes
- Works all tickets initially assigned to security operations
- Work closely with all operational teams to assign ownership of events
- Work closely with CSIRT to escalate critical events
- Support maintenance and operation of monitoring tools
- Provide support for multiple backoffice information security products
- Configuration and administration of interanal security team specific solutions
- Able to work in a 24x7 shift environment
Qualifications for security engineer information security
- CISSP Penetration Testing Certification preferred (GPEN, GWAPT, OSCP, CEH)
- Understanding of wireless networking and associated security protocols
- Outstanding team player but can work independently when required
- Bachelor's degree in related technical field and 8 to 12 years’ experience in a technical capacity
- Foundational knowledge of network engineering concepts and protocols a must
- Advanced knowledge of Linux operating systems is desired
2
Security Engineer Information Security Job Description
Job Description Example
Our company is growing rapidly and is hiring for a security engineer information security. If you are looking for an exciting place to work, please take a look at the list of qualifications below.
Responsibilities for security engineer information security
- Conducting DoD security lockdowns utilizing a variety of system scan tools
- Be a champion for security to the business units
- Collaborate with IT and business/product teams to design or validate architectures to host services in cloud environments
- Work with corporate IT teams to secure SaaS services providing internal productivity resources
- Insure security designs and principles can be properly operationalized and handed over appropriate support teams
- Develop security standards and processes that can be deployed and managed in an automated fashion for the various projects assigned
- Linux Administration experience and scripting with bash from the command line
- Security hardening and understanding of virtual networks
- Cloud Security – AWS, MS Azure, or proprietary cloud
- Provides security and risk management services by performing risk identification, assessment, and remediation regulatory and internal compliance monitoring using standards and processes as required to adequately protect personnel, facilities, infrastructure, information, and business operations
Qualifications for security engineer information security
- Experience in Incident Response and Incident Management procedures
- BS degree in Computer Science or related field a plus
- Minimum of X year experience in an information technology or security discipline
- Certification in CCRI review areas within 6 months of start date
- Bachelors Degree in Computer science/systems, Information systems/technology is required
- 5+ years of experience with network engineering to program development, modeling, or simulation applied to DoD or information technology systems, configuring firewalls and switches, applying Security Technical Implementation Guides (STIGs), or administering systems running HP-UX, UNIX, Solaris, Linux, and Microsoft Windows
3
Security Engineer Information Security Job Description
Job Description Example
Our innovative and growing company is looking for a security engineer information security. To join our growing team, please review the list of responsibilities and qualifications.
Responsibilities for security engineer information security
- Develop technical solutions and new security tools to help mitigate data security vulnerabilities and automate repeatable tasks
- Support in the development of security policies, standards and plans to ensure the protection of corporate data against unauthorized use, access, modification and destruction
- Support others in performing forensic analysis and risk assessments for the entire infrastructure
- Provide support in researching emerging technologies for the continuous improvement of IT security
- Support incident response activities, ensuring security incidents are properly identified, contained, eradicated, and recovered from
- Triage, prioritize, document and mitigate security alerts generated by the various network defense tools
- Assist in remediation and/or mitigation efforts for all vulnerabilities in the environment, ensuring appropriate response to high risk and aged findings
- Minimum 5 years’ experience in Information Security
- In-depth knowledge of Role Base Security models and implementations in diverse technical environments
- Previous professional experience with enterprise SIEM
Qualifications for security engineer information security
- Experience in the financial services environment is ideal
- On rare occasion, lift/carry/push/pull objects that weigh 21-40 pounds
- Experience designing, implementing, and managing a SIEM environment (Arcsight, Splunk)
- One to two years’ experience facilitating penetration testing
- Familiarity and maintenance activities of ISO 27001 and HIPAA compliance
- Experience in IT security certifications (CIPP
4
Security Engineer Information Security Job Description
Job Description Example
Our company is searching for experienced candidates for the position of security engineer information security. Please review the list of responsibilities and qualifications. While this is our ideal list, we will consider candidates that do not necessarily have all of the qualifications, but have sufficient experience and talent.
Responsibilities for security engineer information security
- Perform risk assessments, which involves analysing risks, identifying and articulating the impact to the business and implementing mitigating controls
- Work as part of a multi-disciplinary team (including development, monitoring and infrastructure) to ensure that security requirements are designed from the start of new projects
- Lead the development and implementation of security programs, standards, policies, and procedures
- Review and Assess technology infrastructure to identify key risks and ensure controls are adequately implemented to properly address said risks
- Report on status of security operations and performance
- Partner with project, IT, and business teams to properly identify and implement security controls that both secure our systems, and meet the business needs
- Apply patches where appropriate and, at the direction of the Assistant Vice President, IT Risk, remove or otherwise mitigate known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards
- Provide implementation and support of global enterprise LAN, WAN and Wireless LAN infrastructure as needed
- Assist network engineers in current active network project and operational network activities as needed
- Ensure situational awareness during security incidents
Qualifications for security engineer information security
- Network topologies (WAN/LAN, protocols)
- DLP, HIPS, File Integrity
- Experience with the Technology Protection Plan
- 3+ years of experience in Identity & Access Management or Cyber Security combined with IT engineering or application development
- Strong mindset and skillset of engineering, and integration
- Strong experience in access review and database skills
5
Security Engineer Information Security Job Description
Job Description Example
Our company is looking for a security engineer information security. Thank you in advance for taking a look at the list of responsibilities and qualifications. We look forward to reviewing your resume.
Responsibilities for security engineer information security
- Ensure INFOSEC solutions are fully compatible with or engineered into the customer’s network design
- Review and update Information Security documentation, POAM, Scans, STIGs, SSAA, SRTM
- Implementation and operation of the system or component of government customers’ information systems
- Ensuring all information systems are functional and secure in operations and poly knowledge of IA policy, procedures and structure to develop, implement, and maintain a secure information system
- Describe, test and validate security measures active on security infrastructure devices for the protection of computer systems, networks and information system
- Identify and define system security requirements and correlates/documents them by analysis of organizational standard security operating procedures (SOP) and protocols
- Determine security violations and inefficiencies through security tests, evaluations and audits
- Recommend improvements by assessing current security implementations and anticipating new security requirements
- Maintain system security by implementing and maintaining security controls
- Nexpose scans of pre-deployment servers
Qualifications for security engineer information security
- Experience in the maturation of Cybersecurity architectures that successfully integrate the multiple Cybersecurity domains to include access control
- Demonstrated verbal and written communication skills strong organizational and time management abilities
- Assessment Solution (ACAS) security suite, IBM QRadar, and GFI EventsManager ) including vulnerability assessment, patch management, audit collection, audit review, audit management, and end point protection
- 2+ years of demonstrable information security and compliance experience
- Knowledge of industry standard frameworks and suitable controls (such as ISO 27001, FISMA, IRS 1075, NIST 800-53)
- Ability to manage and execute complex technical projects