The Security Engineer is responsible for safe guarding computer networks and systems.
The Security Engineer will help plan and carry out an organization’s information security strategy. They develop a set of security standards and best practices for the organization, and recommend security enhancements to management as needed.
The Security Engineer provides expert judgment and analysis for the design, development and implementation of technical products and systems. Resolves highly complex technical issues and conducts advanced research.
The Security Engineers are also responsible for educating the workforce on information security through training and building awareness. A wide degree of creativity and latitude while being conscious of business cost while planning for future growth, and improving current security technologies along with automated reporting of statuses.
Direct experience with anti-virus software, intrusion prevention, firewalls and content filtering
Implementing and Maintaining NIST National Institute of Standards and Technology
Develop the environment to manage cybersecurity risk to systems, assets, data and capabilities. Develop and maintain full visibility into digital and physical assets and their interconnections, define roles and responsibilities, understand the current risks and exposure and put policies and procedures into place to manage those risks.
Develop and implement the appropriate safeguards to limit or contain the impact of a potential cybersecurity event. Control access to digital and physical assets, provide awareness education and training, secure data, maintain baselines of network configuration and operations, repair system components in a timely manner and deploy protective technology to ensure cyber resilience.
Implement the appropriate measures to quickly identify cybersecurity events. Utilize continuous monitoring solutions that detect anomalous activity and other threats to operational continuity. Maintain visibility into the networks to anticipate a cyber incident and have all information at hand to respond to one. Threat hunting to analyze and prevent cyber incidents in networks.
Contain the impact of a cyber incident. Maintenance and continual improvement the Incident response plan, to include communication lines among the appropriate parties, collect and analyze information about the event, perform all required activities to eradicate the incident and incorporate lessons learned into revised response strategies.
Implement effective activities to restore any capabilities or services that were impaired due to a cybersecurity event. Development and maintenance of recovery plans, coordinate restoration activities with external parties and incorporate lessons learned into your updated recovery strategies. Prioritize a list of action points which can be used to undertake recovery activity is critical for a timely recovery.
Computer related Bachelor’s degree
5 years of experience
Preferred Skill Requirements
Security+: CompTIA's popular base-level security certification
CCNA: Cisco Certified Network Associate – Routing and Switching
CEH: Certified Ethical Hacker
GSEC / GCIH / GCIA: GIAC Security Certifications
CISSP: Certified Information Systems Security Professional