Lead Information Security Engineer Job Description Template
Our company is looking for a Lead Information Security Engineer to join our team.
Responsibilities:
- Assist in training other security operations staff to perform specific IT security functions;
- Liaise with managed service providers and vendors to ensure systems are operating as expected;
- Lead efforts to enhance continuous monitoring capabilities;
- Troubleshoot security issues and assist with security incident responses and forensic investigations;
- Review security metrics and telemetry to identify risks, security threats, or configuration errors;
- Maintain documentation on security architecture, procedures, and configurations;
- Other tasks as assigned;
- Provide scheduled “on-call” support as part of an “on-call” rotation schedule;
- Recommend and implement enhancements to existing processes, focusing on automation and integration between other security tools;
- Produce high-quality papers, presentations, recommendations, and findings for senior US government intelligence and operations officials;
- Participate in design reviews of components (hardware and software) to ensure applicability to the current system and traceability of requirements;
- Provide feedback to design engineers and evaluate end-to-end systems and systems-oriented products through their entire life cycle;
- Develop and maintain analytical procedures to meet changing requirements;
- Review test plans/procedures and ensure they verify/validate the requirements;
- Working as an expert, conduct research and evaluate the technical performance of software products and overall segments and systems.
Requirements:
- 3-5 years of experience in a similar lead position;
- Experience working for or with Managed Security Service Providers or Managed Detection and Response providers;
- Industry recognized professional certification(s) such as CISSP, GCIH, GCIA, CCSK, OSCP;
- Ability to work on highly complex projects that require in-depth knowledge within multiple IT architecture and security domains;
- Red team experience or experience working alongside a red team to remediate vulnerabilities and shape security strategy;
- Excellent interpersonal, negotiation, and influencing skills; ability to facilitate discussions around complex issues and bring them to resolution;
- Implementation of solid security principles across the organization to meet business goals along with customer and regulatory requirements;
- Experience working with incident response and vulnerability management teams;
- Understanding of attack surface reviews and multi-layer defense systems to prevent exploits, detect and intercept attacks, and discover threat agents;
- Experience with security considerations of cloud computing;
- Certified Information Systems Security Professional (CISSP) certification or willingness to pursue;
- Demonstrated ability to lead all aspects of major information security initiatives. Formal project management experience is a plus;
- Bachelor’s degree and/or equivalent work experience. Graduate degree is preferred;
- Desire to coach, mentor, and lead other staff members;
- Active TS/SCI clearance.