Job Title: Senior Information Security Engineer
Overview:
We are seeking a highly skilled and experienced Senior Information Security
Engineer to join our team. The ideal candidate will be responsible for
designing, implementing, and maintaining security measures to protect our
organization's computer systems, networks, and SaaS products. This role
requires a hands-on approach to identifying vulnerabilities, implementing
solutions, and staying abreast of the latest security trends and
technologies. The Senior Information Security Engineer will collaborate
closely with cross-functional teams to ensure the confidentiality,
integrity, and availability of our systems and data.
Responsibilities:
Security Tooling: Deploy, maintain, integrate, and perform initial
configuration of security tools.
Vulnerability Management: Coordinate and conduct regular security
assessments, penetration testing, and vulnerability scans to identify and
address security weaknesses proactively.
Incident Response: Lead incident response efforts to promptly detect,
analyze, and mitigate security incidents and breaches. Develop and maintain
incident response plans and procedures.
Security Operations: Monitor security logs and alerts, investigate
suspicious activities, and respond to security events in real-time.
Implement and maintain security tools and technologies to enhance our security
posture.
Identity and Access Management: Manage user access controls,
authentication mechanisms, and identity management systems to ensure
appropriate levels of access and privilege.
Security Awareness: Promote security awareness and best practices among
employees through training sessions, communication campaigns, and ongoing
education initiatives.
Research and Development: Stay updated on emerging threats,
vulnerabilities, and security technologies. Evaluate new security products
and technologies to enhance our security infrastructure.
Documentation: Create and maintain detailed documentation of security
policies, procedures, configurations, and incident response plans.
Collaboration: Work closely with cross-functional teams, including IT,
engineering, and compliance, to integrate security into all aspects of our
systems and operations.
Qualifications:
At least 5 years of experience in information security, with a focus on
hands-on security engineering and operations.
In-depth knowledge of networking protocols, operating systems, and cloud
technologies.
Strong understanding of security principles, practices, and frameworks
(e.g., PCI, NIST, ISO 27001).
Experience with security tools such as SIEM, IDS/IPS, endpoint
protection, and penetration testing tools.
Relevant certifications such as CISSP, CISM, or CEH are highly desirable.
Excellent analytical and problem-solving skills, with the ability to
identify and mitigate security risks effectively.
Strong communication and interpersonal skills, with the ability to
collaborate effectively with stakeholders at all levels of the organization.
Equal Opportunity Employer -
minorities/females/veterans/individuals with disabilities/sexual
orientation/gender identity