SUMMARY
The SR. INFORMATION SECURITY ENGINEER is a hands-on role that requires a high level of technical expertise. The person in this position will have 5-7 years’ experience and will be responsible for a broad range of tasks, including security engineering, security administration, application security, threat and vulnerability management, identity and access management, security monitoring & operations.
The individual in this position interacts closely with product vendors and service providers, with personnel from various IT departments — including the application development, operations and network, and privacy teams — and with business departments.
ESSENTIAL DUTIES AND RESPONSIBILITIES
The Sr. Information Security Engineer fulfills the following tasks:
- Research, design, coordinate implementation, and test security requirements through projects and application implementation lifecycle to comply with all applicable security policies, standards, and regulations.
- Work with IT and internal and external business partners to ensure that security is factored in the evaluation, selection, installation and configuration process of hardware and software.
- Create and maintain network security diagrams.
- Perform system security administration on designated technology platforms, including operating systems, applications, and network security devices, in accordance with the defined policies, standards and procedures of the organization, as well as with industry best practices and vendor guidelines.
- Assist in the management of firewalls, intrusion detection systems, switches, etc.
- Monitor, review, prioritize, and coordinate the mitigation of penetration tests and vulnerability scan findings on information systems and infrastructure.
- Design, develop and integrate systems to ensure that account provisioning, authentication and authorization meet the highest standards necessary to protect business and user data.
- Respond to and, where appropriate, resolve or escalate reported security incidents in collaboration with the Security Operations Center (SOC) managed service provider.
- Monitor system logs, Microsoft Defender, CrowdStrike, SIEM tools, and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution.
- Investigate and resolve security violations by providing postmortem analysis to illuminate the issues and possible solutions.
- Create, publish, and maintain security operations metric dashboards.
- Support other security activities as required.
EDUCATION/QUALIFICATIONS
- Five years of technical experience working in the information security field required; five years engineering secure solutions to monitor and defend against threats in a hybrid (On Prem/Azure) environment; three plus years’ experience designing, implementing, and tuning security solutions for development, applications, platforms, environments, and three years’ experience in application security.
- Bachelor's degree in information systems, or equivalent combination of education and work experience.
- Desired certifications: CISSP, Azure security engineer, security operations analyst, identity and access administrator, information protection administrator, application security, or information assurance management.
Technical Competency
- Knowledge of network and system security, including routers, switches, network protocols, VPN, firewalls, intrusion detection and prevention systems, and encryption technologies, security monitoring, and reporting.
- Familiarity with security standards and regulations, such as ISO 27001, NIST CSF, NIST 800-53, or PCI DSS.
- Experience with security tools and technologies, such as CrowdStrike, Microsoft Defender, Intune, DLP, SIEM, DAST, and SAST scanning.
- Understanding of cloud security, including cloud infrastructure and application security.
- Practical experience in administration of Microsoft Azure and hybrid environments and strong familiarity with computer, network, and storage in Azure and Azure Active Directory.
- Knowledge of cybersecurity principles, including risk assessment and management, threat and vulnerability management, incident response, application security, and identity and access management.
- Expert understanding of web security standards, architecture, web security best practices and application security best practices (e.g., OWASP).
- Identity management familiarity in one or more of the following areas: single sign-on (SSO), identity federation, enterprise directory architecture and design, ITIL, and process integration. Identity and access governance includes role-based access control, user life cycle management processes, and organizational change management.
- Experience with administrating authentication technologies, such as Microsoft Active Directory/Windows authentication, OpenID Connect, OAuth.