Information Security Engineer II

Company: Experis
Location: Carmel
Posted on: November 13, 2021

Job Description:

Job Description

POSITION TITLE: Information Security Engineer (I, II)
EEO CATEGORY: Professionals

REPORTS TO: Manager, Security Operations
FLSA STATUS : Exempt

DIVISION: IT

JOB FAMILY: Analyst
GRADE(S): 23-24

DATE: September 2021
LEVEL: IC 2
POSITION OVERVIEW

The Information Security Engineer provides hands-on technical solutions to complex and detailed information security problems. This position provides technical assistance, design, installation, operation, service, and maintenance of a variety of information security systems. The Information Security Engineer ensures and assists with the proper deployment and management of solutions that support information security including virus detection, malware detection, intrusion detection and prevention systems, firewalls, and other security solutions. The Information Security Engineer will identify, and evaluate and implement technical security controls to continuously improve the organization's security posture.

ESSENTIAL capabilities AND RESPONSIBILITIES

Apply knowledge of latest cyber security industry trends, technology tools and practices
Timely and accurately deploy and support network-based security configurations and appliances
Provide accurate and timely support of security tools, network-based security configurations, and appliances
Monitor/tune intrusion detection, firewall, and vulnerability assessment tools.
Research and evaluate current or emerging security technologies to support organizational cyber security objectives
Evaluate, recommend and integrate new security technology and tools by conducting feasibility studies and proof of concepts
Provide input on security requirements to be included as a part of technology and service procurement activities
Promote awareness of security issues among management and ensure sound security principles are reflected in the organization's vision and goals
Ensures that acquired or developed systems and architectures are consistent with the organization's security architecture guidelines
Apply knowledge of latest cyber security industry trends, technology tools and practices to define cyber security processes and standards
Define, develops, and manages cyber security management procedures, policies, standards, design, and support guidelines
Apply security practices to communication and host based environments
Manages cyber security compliance activities and drives improvements where needed
Execute and monitor security processes and events timely and in a manner that meets compliance requirements
Identify weak controls and communicate vulnerabilities to management
Apply understanding of regulatory standards to demonstrate compliance and subject matter expertise
Plan and conduct reviews to monitor and evaluate system conformance with organizational security policies, standards and guidelines
Define, coordinate security requirements within the various stages of the system development process
Demonstrates strong trouble-shooting skills in complex communication environments
Communicate cross functionally to gain consensus - works diligently to build an understanding with balanced participation
Demonstrates strong problem solving skills - able to reason, think analytically and derive core concepts
Design and document executable steps to enable consistency and sustainable of actions, with a particular focus on enabling through automation
Evangelize and influence knowledge workers on the importance of security practices through marketing, education, and training platforms
Evaluates vendor solutions against MISO business requirements
Understands product lifecycles and provides input for long and short-term planning
Ability to make timely recommendations to effectively solve problems, using independent judgment consistent with standards, practices, policies, procedures, regulations, and/or law
Professionally exercises discretion and independent judgment in day-to-day work
Compliance with all processes, procedures, and standards applicable to the position including (but not limited to): SOC 1 (Service Organization Controls 1), CIP (Critical Infrastructure Protection), Change Management, Tariff (Open Access Transmission, Energy and Operating Reserve Markets Tariff), FERC (Federal Energy Regulatory Commission), NERC (North American Electric Reliability Corporation), U.S. Department of Homeland Security, and NAESB (North American Energy Standards Board)
Complete all other duties as assigned
QUALIFICATIONS AND COMPETENCIES

EDUCATION/ EXPERIENCE

Bachelor's degree in Computer Science or related field or a minimum of 6 years relevant work experience.
At least one to three years of related Information Technology experience, required
Foundational understanding of IT Concepts and principles, required
Understanding of security applications and services to manage threats, preferred.
Technical hands-on proficiency with several security-related systems and applications (Vulnerability software, next generation firewalls, IDS/IPS, SIEM, Data Loss Prevention), preferred.
Technical proficiency with security-related systems and applications, especially mainstream OSs (e.g. Microsoft Windows and Linux), Vulnerability Scanners, SIEM, anti-malware tools and desktop security tools, preferred.
Appropriate level will be determined based upon experience and knowledge.

TECHNICAL KNOWLEDGE, SKILLS, AND CAPABILITIES

The requirements listed below are representative of the knowledge, skills, and/or abilities required to perform each essential duty satisfactorily.

Technical Capabilities - Must also be proficient with the following:

Understanding of enterprise computing environments, distributed applications, and a strong understanding of TCP/IP networks
Cyber Security best practices
Evangelize business and IT areas on security principles and good business practices approaches to improve security risk posture.
General and functional knowledge of hardware and software products that enhance the security of systems such as Intrusion Prevention Systems (host- and network-based), Firewalls, Security Event Management Systems, port scanning and vulnerability identification, monitoring and logging mechanisms, etc.
Must possess basic knowledge of network, desktop and distributed server hardware and software
Working with security infrastructure technologies
Experience in documenting and maintaining processes and procedures.
Comfortable working on both Linux-based and MS Windows-based system platforms with a strong IT technical understanding and aptitude for analytical problem-solving.
Strong understanding of enterprise, network, system and application level security issues
Fundamental understanding of encryption technologies
Time Management - Ability to work within a fast-paced, deadline oriented environment with minimal supervision. Must be well organized with a high attention to detail and accuracy.

Computer Skills - Must have intermediate skills in Microsoft Word, Outlook, Excel and PowerPoint.

Project Management - Interest in developing, communicating and coordinating projects. Strong ability to multi-task and prioritize multiple projects.

Reasoning/Analytical Ability - Ability to define problems, collect & analyzes data, establish facts, and draw valid conclusions. Ability to interpret an extensive variety of technical instructions and deal with several abstract and concrete variables.

GENERAL CORE COMPETENCIES

Effective Communication - Ability to read and comprehend instructions, policies and procedures. Strong written and verbal communication skills; Interest in learning to present complex data to groups of internal and external customers in a clear and concise manner. Ability to articulate, in writing, detailed concepts. Ability to collaborate with other departments to complete projects on time.

Customer Service - Ability to provide excellent customer service to both internal and external clients.

Teamwork - Ability to collaborate in a team environment; seek regular feedback and contribute in team meetings. Provide back-up to other team members as necessary.

Results Orientation - Be accountable for producing an accurate, timely and quality work product.

Operational Excellence - Collaborate with others to identify efficiencies and process improvements. Embrace change and the focus on continuous improvement.

PHYSICAL DEMANDS

The physical demands described here are representative of those an individual must meet to successfully perform the essential functions of this job.
Ability to sit for extended periods of time while working on a personal computer and to move intermittently throughout the workday.
Travel required; up to 5%. May require out of state via airplane with overnight stays.
Ability to work a 24 x7 on-call schedule

Keywords: Experis, Carmel , Information Security Engineer II, Engineering , Carmel, Indiana