IT Security Engineer

Overview

Under general direction, performs procedures necessary to ensure the confidentiality, integrity and availability of sensitive data and information systems.  This position is responsible for developing or enhancing security policies and procedures, implementing and enforcing technical and administrative security controls, providing security support to users, and monitoring adherence to security policies and procedures.

Salary up to $120,000

What We Offer:• Weekends OFF• Paid Training• FREE UTI or Concorde Tuition for you AND your Immediate Family• Medical/Dental/Vision/Life Ins/STD & LTD Ins• 401K, Paid Holidays, Paid Time Off• Paid Parental Leave• ADD OTHER BENEFITS

Responsibilities

• Identifies and investigates risks to the organization using a variety of processes and technologies
• Recommends and implements security policies, procedures, standards and technologies for current and future processes and systems
• Works with Engineering and Operations teams to improve system security procedures and configurations
• Evaluates new projects and applications as they relate to security requirements, architecture, and design
• Works closely with software development and enterprise information personnel to integrate best practice controls into custom software and database environments
• Collaborates with system and application owners to enforce security standards and to identify, document, and mitigate information security risks
• Interfaces with the user community to understand their security needs, researches and implements procedures and technologies to accommodate them
• Improves awareness of security throughout the organization
• Coordinates risk and vulnerability analyses of new and existing systems using industry standard tools such as Nessus, NMAP, RSA enVision, etc.
• Aids or performs in incident and forensic response activities
• Interfaces with internal and external auditors to ensure compliance with regulatory activities
• Coordinates the security portion of Information Technology Sarbanes-Oxley engagements
• Other duties as assigned

Qualifications

Education / Experience

• Bachelor degree in technical or scientific field preferred; however, 4 years of equivalent experience may be substituted for degree
• 5+ years of IT/Network Operations experience
• 4 years of hands on Windows networking experience in large Active Directory environments
• 3 years of Information Security and/or IT Audit experience
• CompTIA Security+ certification required, CISSP or CISA certification strongly preferred
• CCSP and/or MCSE/MCITP Enterprise Administrator certification preferred
• Experience with vulnerability identification, analysis and remediation required
• Experience with forensic and e-discovery procedures preferred
• Working knowledge of GLBA, PCI, HIPAA, ISO 27001 (17799), SOX, COBIT, ITIL or other information security and control frameworks
• SEC-DevOps experience is desired.
• Working knowledge of FERPA is preferred
• Understanding of security elements of Microsoft Windows, Linux, Cisco IOS, TCP/IP, VoIP, and other common platforms and protocols
• Understanding of firewall configuration and administration

Skills

• Ability to effectively weigh business needs against security concerns and articulate issues to management
• Ability to use good judgment, problem-solving and decision-making skills
• Ability to learn new technologies and apply that knowledge to daily workflows
• Excellent written and verbal communication skills with ability to communicate effectively with technical and non-technical individuals

Abilities

• Must be able to lift, carry, push, or pull up to 5 pounds or less 5% of the workday
• Must be able stoop, kneel, crouch, or crawl 5% or less of the workday
• Must be able to talk, see, hear, concentrate, think, learn and reason for all of the workday
• Must be able to sit and walk or otherwise move around for prolonged periods throughout the workday.
• Must be able to use a keyboard and do manual tasks for prolonged periods throughout the workday.
• May require occasional overnight travel.

Work Environment

• Work is performed indoors in a climate-controlled environment.
• Regular business hours; however, periodic off-hours and weekend hours are required