Prestige Staffing
The Information Security Engineer position will be responsible for providing technical and business assistance for a wide variety of information security related matters. The Information Security Engineer will assist in the implementation and on-going maintenance/tuning of security systems to protect the organization's networks from cyber attacks.
The position helps develop organization-wide security policies, standards, procedures, and best practice documentation. It requires monitoring computer networks for security issues, installing security software, and documenting all security issues or breaches found.
Job Summary
The Information Security Engineer will be responsible for providing technical and business assistance for a wide variety of information security related matters.

Primary Duties & Responsibilities:
- Monitor security solutions for efficient and appropriate operations
- Conduct research, analysis, and correlation across a wide variety of all source data sets (indications and warnings)
- Provide timely detection, identification, and alerting of possible attacks/intrusions, anomalous activities, and misuse activities and distinguish these incidents and events from benign activities
- Understand and continue to develop cyber security policy and procedure
- Conduct and manage security threat and impact assessments and provide input on our overall information security strategy
- Architect, implement, and reevaluate any security service or product in our security stack with little technical guidance
- Script and automate repetitive security related tasks and remediations
- Identify gaps or opportunities in our detection capabilities and create custom rules and detections for products (EDR, AV, SIEM) across our security stack
- Respond to antivirus detections by performing scans, attempting remediation, and escalating as required
- Document and investigate escalated incidents (including the event's history, status, and potential impact for further action) that may cause ongoing and immediate impact to the environment
- Coordinate with cyber security staff to correlate threat assessment data and validate network alerts
- Pick up service tickets within established SLAs, including those that have been escalated to Tier Two/Three as needed
- Mentor and provide technical guidance to analysts and other team members
- Work across the security team to help implement various processes and technologies related to the NIST Cybersecurity Framework
- Participate in security incident response efforts
- Hunt for threats and misconfigurations across a complex global organization
- Support and participate in the organization’s Continual Improvement Program to conform to ISO 9001 and ISO 27001 requirements by complying with the Quality Policy procedures and meeting QMS and ISMS objectives

Knowledge and Skills:
- 8+ years of technical experience, including 5+ years in an information security technical role
- Experience in securing cloud environments, specifically Azure, auditing its services and resources against best practices, and identifying misconfigurations
- Hands-on experience with mitigating security controls (next gen anti-virus, EDR, IPS/IDS, DLP, web and network proxies, URL content filtering, log collection (SIEM), vulnerability management, multi-factor authentication, identity management and conditional access policies, VPNs) and how they work in an overall defense in depth risk assessment methodology
- Experience writing and updating security policy and documentation
- Experience in the creation of technical documentation including Visio diagrams
- Experience with cloud technologies and architecture is an asset
- Knowledge of how criminal culture communicates/works on the Internet
- Knowledge of the OSI Reference Model and its security implications
- Good understanding of TCP/IP networking and security
- Ability to work with key business leaders to help identify critical assets
- Must be self-directed, able to work independently, as well as work in a team-oriented, geographically diverse/multiple locations, and fast paced environment
- Ability to deliver or explain technical concepts to non-technical customers and internal stakeholders
- Understanding of basic frameworks for mitigating Vendor risk
- Ability to work on multiple tasks simultaneously
- Excellent verbal and written communication skills
- Strong organizational skills and attention to detail
- Ability to work well in a fast-paced environment

Seniority level: Mid-Senior level
Employment type: Full-time
Job function: Information Technology
Industries: IT Services and IT Consulting

We offer medical insurance, vision insurance, 401(k), and paid maternity leave.