Security Engineer

job summary:

• Bachelor's degree in Computer Science, Information/Cyber Security, Mathematics, or a closely related field, and 7 years' experience in an IT Security position, or an equivalent combination of education or experience.
• Industry-standard certifications preferred.
• Broad hands-on experience and knowledge in firewalls, intrusion detection/prevention systems, endpoint detection & response software, encryption methods, SIEM, PKI, and other industry-standard applications and technologies.
• In-depth technical knowledge of Windows and Linux/Unix operating systems, SQL server, Active Directory, and network configuration.
• strong knowledge of TCP/IP and network administration/protocols.
• Hands-on experience with networking devices such as switches, and routers.
• Knowledge of applicable practices and laws relating to data privacy and protection.
• Knowledge of law enforcement practices and procedures.
• Intuition and keen instincts to pre-empt attacks.
• High level of analytical and problem-solving abilities.
• Must be able to conduct research into security issues and products as required.
• strong understanding of the organization's goals and objectives.
• strong interpersonal and oral communication skills.
• Highly self-motivated and directed.
• strong organizational skills.
• Excellent attention to detail.
• Must be able to effectively prioritize and execute tasks in a high-pressure environment.
• Must be able to work in a team-oriented, collaborative environment.
• Must be able to maintain good work attendance

• Assists in developing, implementing, maintaining, and enforcement of policies, procedures, guidelines, and associated plans for system security administration and user system access based on industry-standard best practices to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction.
• Assists with the design and implementation of disaster recovery plan for operating systems, databases, networks, servers, and software applications.
• Assists with the design and implementation of security breach response plan.
• Assesses the need for any security reconfigurations (minor or significant) and executes them if required.
• Keeps current with emerging security trends and issues.
• Conducts research on emerging products, services, protocols, and standards in support of security enhancement and development efforts.
• Interacts with vendors, outsourcers, and contractors to obtain Information Security services and products.
• Recommends, schedules, and performs security improvements, upgrades, and/or purchases.
• Deploys, manages, upgrades, documents, and maintains all Information Security systems and their corresponding or associated software, including firewalls, intrusion detection systems, SIEM system, and endpoint protection software.
• Audits end user accounts, permissions, and access rights on various systems, servers, and file shares and documents results.
• Manages connection security for local area networks, the company web site, mobile devices, Wi-Fi, VPN, the company intranet, e-mail communications, and more.
• Audits and ensures the security of databases and data transferred both internally and externally.
• Performs vulnerability testing of all systems in order to identify network and system vulnerabilities.
• Designs, implements, and reports on security system and end user activity audits.
• Monitors logs and traffic from all networked devices for unusual or suspicious activity and logs results.
• Interprets activity and makes recommendations for resolution.
• Recommends, schedules (where appropriate), and applies upgrades, security patches, disaster recovery procedures, and any other measures required in the event of a security breach.
• Downloads and tests new security software and/or technologies.
• Performs security system backups.
• Provides on-call security support to end-users.
• Trains, oversees and/or provides guidance to junior members of the team.
• Assists in development, design, delivery, tracking, and remediation of user training for all employees.
• Assists in design and implementation of tabletops incident response and disaster recovery exercises.
• This job description excludes marginal functions that are incidental to performing the job.
• Other duties may exist.

• Experience level: Experienced
• Minimum 7 years of experience
• Education: Bachelors

• endpoint detection
• SECURITY ENGINEER
• vulnerability audits
• SIEM
• security reconfigurations