Information Security Engineer

What you will do:

Our client is looking for an Information Security Engineer who will be primarily responsible for the day-to-day operations of their Information Security team. The Information Security Engineer will work closely with Information Security and IT teams to ensure threats to our client’s environment are quickly triaged and remediated, and works to support projects within the Information Security Compliance Team.

Triage and respond to incidents according to the Incident Response Cycle

Work closely with global Information Security teammates through video conference and messaging technology

Work with various tools such as

• • • Vulnerability Scanners
    • Email Threat Mitigation Platforms
    • Security Incident and Event Managers
    • Endpoint Protection Platforms
    • Network Access Control Platforms
    • Firewalls
    • External and reputational risk platforms

Work on compliance projects supporting FedRAMP, Soc2, and DFARS compliance frameworks/programs

Compile and present operational metrics

Build process and environment documentation

Assist with compiling evidence for compliance audits

Assist with projects as assigned

Be the Subject Matter Expert on assigned tools

What You Bring To Our Client:

Bachelor’s degree in the field of Information Security, Information Assurance, Computer Science, Information Technology, or similar

A current and active Information Security certification (Security+, CCSP, GIAC, or equivalent – relevant vendor certifications also considered)

3+ years of experience in an Information Security role supporting a corporate Information Security Program

Information Security Incident Triage and Handling

Ticket/Case Management

Threat Identification

Vulnerability Assessment

Hands-on experience with the following

• • • SC/Nessus
    • SIEM Reporting, Logging, and alerting
    • Mimecast or other Email protection platforms/tools
    • Crowdstrike, Carbon Black, or Cylance
    • Upguard/Bitsight/Security Scorecard administration

Experience with cybersecurity frameworks, policy management, or 3rd party audits

Team-focused work (team player)

Ability to Administrate Information Security and Development tools

Ability to create and maintain documentation.

Ability to communicate complex information security risks and scenarios to a general audience

Ability to work with minimal supervision (self-motivated)