Senior Information Security Engineer Job Description Template
Our company is looking for a Senior Information Security Engineer to join our team.
Responsibilities:
- Coordinate the design, implementation and evaluation of all phases of highly complex information security solutions and programs;
- Support security authorization activities in compliance with the Risk Management Framework process (RMF);
- Facilitate new electronic data interchanges between other financial firms;
- Build and review reports on event anomalies;
- Analyze business needs, researches and recommends solutions;
- Designs and conducts training for corporate security education and awareness programs;
- Assist in the enforcement and monitoring of Compliance regulations;
- Provide security expertise to the company;
- Perform other related duties incidental to the work described herein;
- Provide responses to customer security questionnaires and internal and external auditors regarding information security capabilities and controls;
- Participate in internal Blue and Red Team activities;
- Participate in incident response, including steps to minimize the impact, conduct technical forensic investigation and report on remediation plans;
- Analyze IT projects and roadmaps and identify security dependencies and risks, and design solutions to remediate information security risks;
- Create and champion information security policies, standards, guidelines and standard operating procedures;
- Engineer, implement and monitor security measures for the protection of Coty’s computer systems, networks and information.
Requirements:
- Self-starter, energetic multi-tasker, highly motivated and team player;
- Read / Comprehend Written Instructions;
- RMF SME;
- Bachelor’s degree in Computer Science, Information Systems or related field (8 years of experience may substitute for a degree);
- Fluent in one of the following and experienced in two: Java, Javascript, Python, AngularJS, Ruby, Shell, C++, C#, .NET, php, SQL;
- Experience working in or with lean, agile, or devops-oriented teams;
- Experience leading compliance assessments of relevant cybersecurity frameworks;
- Experience conducting daily Security Operations Center triage and research;
- Ability to lead the design of network security infrastructure and the integration of new requirements into existing architectures;
- ユ Experience working with information security practices, networks, software, and hardware;
- Demonstrated experience in computer security combined with risk analysis, audit, and compliance objectives;
- Experience with DLP and IPS/IDS systems;
- Experience working across the full stack of enterprise security tools to include everything from the physical layer to the application layer;
- Previous consulting or sales engineering experience is ideal;
- Experience working with security vendors to evaluate products, analyze security functionality and submit feature requests.