Sign up to access all features of our service.
  • Job search
  • Favorites
  • Create a CV
    New
  • Salaries
  • Subscriptions

Information Security Engineer

eTrepid Inc

Information Security Engineer

As a member of the Information Security Program Team, the Information Security Engineer is responsible for participating in all aspects of planning, deploying, documenting, monitoring, & maintaining the layered security to protect the confidentiality, integrity, and availability within the corporate and client facing infrastructures. This position will focus on protecting system boundaries, keeping systems and infrastructure hardened against attacks and securing highly sensitive data, along with securing user and computer identities.

Key Responsibilities:

  • Perform engineering, tuning, and provide guidance of network security controls & hardening including IDS/IPS, Web Filtering, Cloud Technologies, Email/Spam, and Firewalls.
  • Perform engineering, tuning, and guidance to the Information Security Team for incident response & SIEM management.
  • Experienced in cloud security and compliance for Azure and AWS.
  • Manage and support Identity and Access Management.
  • Support the investigation and resolution of security incidents.
  • Perform Security User Awareness Training and Phishing campaigns.
  • Perform vulnerability management as well as support penetration testing and remediation.
  • Perform engineering, tuning, & provide guidance of mobile & endpoint security controls & hardening including AV, Endpoint Detection & Response, DLP, & encryption.
  • Translate security controls and requirements into system specification requirements.
  • Perform 3rd party vendor risk management assessments.
  • Plan, develop, and enhance security standards, requirements gathering, and engineer security solutions across the risk and technology portfolio.
  • Assist in designing computer security architecture and develop detailed cyber security designs.
  • Engineer, implement and monitor security measures for the protection of computer systems, storage, infrastructure, and cloud applications.
  • Define system security requirements, identify vulnerabilities, and coordinate remediation plans.
  • Support and coordinate risk assessments and security evaluations for vendors deploying solutions either on premise or in the cloud.
  • Participate in proof of concepts and other technical evaluations of technologies, designs and solutions and provide recommendations.
  • Plan and coordinate the deployment of security and vulnerability patching to all computer systems.
  • Prepare and document standard operating procedures and standards.
  • Develop technical solutions and select and implement new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
  • Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement.
  • Plan/automate/deploy new infrastructure and security capabilities.
  • Participates in security awareness trainings, webinars, and podcasts designed as a Subject Matter Expert (SME).
  • Adept at Presenting in-person and virtual to customers, partners, and executives.
Qualifications

Eligibility Requirements:

  • BS degree in Computer Science, Information Systems or equivalent experience preferred.
  • CISSP certification required.
  • Industry certifications preferred: CISA, CISM, CEH, GIAC, or equivalent.
  • 8+ years of relevant experience focusing on security analysis.
  • 3+ years of experience performing Network Security with expertise configuring Firewalls, Network IDPS systems, Data-Loss Prevention (DLP), VPN, Proxy/Web content filtering, WAF, NAC, Zero-Trust, GRE/IPSec, and/or Network segmentation.
  • Experience managing and configuring Vulnerability Management tools, Cloud Security (including CASB & M365), Identity and Access Management tools, and/or Multi-Factor authentication
  • 3+ years of experience performing Endpoint Security with expertise configuring AV and/or MDR/EDR solutions, hardening Windows Server and Workstation OS, and/or MDM and Mobility.
  • Experience performing SIEM management and tuning, incident response, forensics, playbook development, and/or SOAR tools.
  • Ability to employ procedures, methods, and tools for identifying, representing, and formally assessing the important aspects of alternative decisions (options) to make an optimum (e.g. best possible) decision.
  • Experience with IT governance and/or risk.
  • Strong knowledge of network & infrastructure security architecture.
  • Experience working with Linux and Windows operating systems.
  • Experience with Microsoft Azure, IaaS, PaaS, SaaS, NaaS platforms
  • Detailed and thorough knowledge of incident analysis and response concepts and techniques, including incident tracking process, root cause, lessons learned and process improvements.
  • Knowledge of compliance standards and security frameworks (COBIT, NIST, HIPAA, ISO27001/2, OWASP, PCI)
  • Knowledge of security regulations, frameworks and security requirements that impact SMB market (GLBA, HIPAA, PCI, NIST 800-171, NIST 800-53, NIST -CSF, CMMC)
  • Excellent analytical and problem-solving skills with the ability to work under pressure.
  • High level of personal integrity, with the ability to professionally handle confidential matters while leveraging the appropriate level of judgment.
  • Strong interpersonal and communication skills.
  • Ability to work well under stressful environments.
  • Ability to work extended hours and weekends when required.
Additional Information

If you have an interest and meet these requirements, we encourage you to apply online!

  • Must be a United States citizen to Apply.
  • Ability to gain a security clearance.
  • EOE Principles only.
Vacancy posted 3 days ago
Similar jobs that could be interesting for youBased on the Information Security Engineer in Mechanicsville, MD vacancy
  •  ...Target Education: Bachelor's level degree in Computer Engineering, Computer Science, or Information Systems, or an equivalent technical degree from an...  .... Applicant must be a US citizen and hold an active DoD Secret security clearance Requirements:... 
    Suggested

    EHS TECHNOLOGIES CORPORATION

    Indian Head, MD
    5 days ago
  •  ...Description Description: Target Education: Bachelor’s degree in Information Technology, Computer Science, or an equivalent technical...  ...Target Experience: Four (4) years’ experience in network security (security+/CCNA-Routing, CCNA Security Cisco CCNA Routing or CCNA... 
    Suggested

    EHS TECHNOLOGIES CORPORATION

    Indian Head, MD
    5 days ago
  •  ...Description Description: Target Education: Bachelor’s degree in information technology, computer science, or an equivalent technical...  ...Target Experience: Eight (8) years’ experience in network security (CCNP-Routing or CCNP Security), demonstrating strong experience... 
    Suggested

    EHS TECHNOLOGIES CORPORATION

    Indian Head, MD
    5 days ago
  • Phase2 Technology is seeking a Systems Security and Network Security Engineer in Indian Head, MD. You will manage Splunk Enterprise on Linux systems, enhancing security strategies to support US Navy operations. Your role includes troubleshooting, configuring systems, and... 
    Suggested

    Phase2 Technology

    Indian Head, MD
    3 days ago
  • $82.62k - $157.35k

     ...clinical expert educator, consultant leader and researcher for information systems. Responsible for the planning, development,...  ...care to ensure quality patient care across the continuum and to secure resources to support evidence based patient care. Maintains knowledge... 
    Suggested
    Work experience placement

    MedStar Health

    Waldorf, MD
    3 days ago

Do you want to receive more vacancies?

Subscribe and receive similar vacancies to Information Security Engineer. Be the first to apply!