Valhalla, NY
10 days ago
Information Security Engineer

The Information Security Engineer's daily duties include operational design and support of the Security Event and Information Systems along with various other security services. The engineer will design and automate delivery of the weekly, monthly, and quarterly metrics reports. The engineer will also have the opportunity to manage all phases of security tools development and testing, and to implement and manage security tools, including configuration management and change control.

Responsibilities

·       Provide architectural, operational, and engineering support for critical security application systems and services including SIEM, Data leakage prevention, content filtering, firewall compliance, vulnerability, and security event management.

·       Proactively maintain, monitor, and improve our security applications with timely incident detection and response.

·       Continuously develop rules for security services (e.g., SIEM, UEBA, SOAR, DLP, CASB) by reviewing and analyzing collected security log information from the Security Event and Information System and UEBA to protect computer networks and databases from unauthorized access.

·       Deploy, configure, and maintain the Exabeam SOAR platform to align with organizational security requirements. Customize playbooks, workflows, and integrations to enhance security operations.

·       Analyze, design, install, configure, maintain, and repair security infrastructure and application components, ensuring overall technical capabilities, stability, and performance. Provide direction, recommendations, design, and implementation for security enhancements.

·       Ensure information network security design, plans, controls, processes, standards, policies, and procedures are aligned with generally accepted IT security practice and standards and the overall IT security approach of our primary technology partners.

·       Partner with infrastructure and app/dev teams to design, deliver, and maintain highly available application systems and services.

·       Contribute to project plans, author security engineering level documentation, and develop detailed test plans.

·       Participate in IT Security assessments, risk analysis, reporting, and Incident Lessons Learned takeaway actions for improvements.

·       Design and conduct penetration & vulnerability testing to identify potential vulnerabilities in computer systems.

·       Weekly review, identification and reporting of health and operational status of the various security services:

·       Participate in security vulnerability scanning service/control-based process assessments (e.g., Change Management, Release Management, etc.), to include evaluation of supporting documentation, evidence, and alternative controls.

·       Participate in training of security best practices to other staff members to raise awareness about security risks.

·       Other duties as assigned.

Knowledge, Skills and Abilities


Education: Bachelor's Degree in Management Information Systems, Network Security, Computer Science or related.

Security Certifications Preferred: GSEC: GIAC Security Essentials; GISF: GIAC Information Security Fundamentals; ISC2: CISSP; vendor-specific certifications.

Familiar with governance and compliance concepts, practices, and procedures, which includes but is not limited to HIPAA, PCI-DSS, ISO, NIST, SOX, GDPR, Privacy Laws.

Ability to communicate effectively in both written and verbal forms with various levels of staff, including other analysts, managers, and employees.

The Information Security Engineer must have critical thinking skills to make decisions about how to protect USI’s information, determining the best security measures to take and the most effective ways to implement them.

Experience

·       5+ years' experience as an analyst in Information Security in a corporate IT department/NOC/SOC

·       Previous experience monitoring, analyzing, and escalating security incidents from multiple sources.

·       Ability to effectively communicate in a technical team environment.

·       5+ years of experience with security products, such as SIEM, IPS, IDS.

·       Previous experience developing reports to IT leadership.

