Lead Information Security Engineer

Lead Information Security Engineer Job Description Template

Our company is looking for a Lead Information Security Engineer to join our team.

Responsibilities:

  • Assist in training other security operations staff to perform specific IT security functions;
  • Liaise with managed service providers and vendors to ensure systems are operating as expected;
  • Lead efforts to enhance continuous monitoring capabilities;
  • Troubleshoot security issues and assist with security incident responses and forensic investigations;
  • Review security metrics and telemetry to identify risks, security threats, or configuration errors;
  • Maintain documentation on security architecture, procedures, configurations;
  • Other tasks as assigned;
  • Provide scheduled “on-call” support as part of an “on-call” rotation schedule;
  • Recommend and implement enhancements to existing processes, focusing on automation and integration between other security tools;
  • Produces high-quality papers, presentations, recommendations, and findings for senior US government intelligence and operations officials;
  • Participates in design reviews of components (hardware and software) to ensure applicability to the current system and traceability of requirements;
  • Provides feedback to design engineers and evaluates end-to-end systems and systems-oriented products through their entire life cycle;
  • Develops and maintains analytical procedures to meet changing requirements;
  • Reviews test plans/procedures and ensures they verify/validate the requirements;
  • Working as expert, conducts research and evaluates technical performance of software products and overall segments and systems.

Requirements:

  • Exhibit 3-5 years of experience in a similar lead position;
  • Experience working for or with Managed Security Service Providers or Managed Detection and Response providers;
  • Industry recognized professional certification(s) such as CISSP, GCIH, GCIA, CCSK, OSCP;
  • Ability to work on highly complex projects that require in-depth knowledge within multiple IT architecture and security domains;
  • Red team experience or experience working alongside red team to remediate vulnerabilities and shape security strategy;
  • Excellent interpersonal, negotiation, and influencing skills; ability to facilitate discussions around complex issues and bring them to resolution;
  • Implementation of solid security principles across the organization to meet business goals along with customer and regulatory requirements;
  • Experience working with incident response and vulnerability management teams;
  • Understanding of attack surface reviews and multi-layer defense systems to prevent exploits, detect and intercept attacks, and discover threat agents;
  • Experience with security considerations of cloud computing;
  • Certified Information Systems Security Professional (CISSP) certification or willingness to pursue;
  • Demonstrated ability to lead all aspects of major information security initiatives. Formal project management experience a plus;
  • Bachelor’s degree and/or equivalent work experience. Graduate degree is preferred;
  • Desire to coach, mentor, and lead other staff members;
  • Active TS/SCI clearance.