As an Information Security Engineer in the IS department, you will be responsible for the risk management plan and overall security posture of all information systems in both our production on-premises and Azure cloud environments.
Location of the role is very flexible across the United States.
- Design, implement, and maintain all network security technologies e.g. Palo Alto Network firewalls, network segmentation, IPS/IDS, Web filtering
- Support, tune, and harden Windows servers, Citrix terminal servers, IIS webservers, and MS SQL servers.
- Design, implement, and maintain all system endpoint security technologies for 2000+ endpoints e.g, Anti-virus, Anti-Malware, HIPS
- Manage Active Directory security e.g. Audit, Account Silos, GPOs, User accounts, Security Groups, NTFS permissions
- Implement and maintain vulnerability and patch management programs and all related technologies e.g. WSUS, QualysGuard
- Design, implement, and maintain log management solution e.g. Splunk, LogRhythm
- Design, implement, and maintain two factor authentication solution.
- Maintain all password management and password escrow solutions.
- Conduct information security risk assessments and penetration testing.
- Design, document, and execute disaster recovery and business continuity drills or actual events.
- Implement and maintain an information security risk management program.
- Implement and maintain security incident response program.
- Implement information awareness program.
- Consult all departments on relevant information security compliance or questions.
- Train and educate staff on information security.
- Work with auditors to verify compliance with security controls.
- Is a leader and mentor of others and is passionate to help other elevate their technical abilities.
- Expert in one or more scripting languages e.g. Powershell, Python, Ruby
- Creates department policies, procedures, and standards.
- Write and prepare documentation, plans, or reports as directed.
- Other duties as assigned.
Desired Skills and Experience:
- AS or BS degree in technical area (or related experience)
- Minimum 5+ years’ experience working in information security
- Minimum 5+ years’ experience with networking (firewalls, switching, routing)
- Minimum 10+ years’ experience with Windows server administration
- Minimum 5+ years’ experience with VMWare virtual infrastructure
- Certifications desired, but not required: CISSP, CEH, Microsoft, CCNP, CCSP, GIAC, ITIL
- Leader, Self-directed, Consultant
- Excellent listener
- Ability to communicate complex issues to all levels
- Strong Troubleshooting/Problem solving
- Strong interpersonal skills
- Ability to effectively organize and prioritize work tasks
- Strong attention to detail and follow through
- Strong written and oral communication
- Must be a team player who works well with others