Security Engineer Job Description

Security Engineer Job Description Template

Our company is looking for a Security Engineer to join our team.

Responsibilities:

  • Regularly required to use hands to finger, handle or feel objects, tools or controls, and reach with hands or arms;
  • Penetration testing and Vulnerability Management;
  • Introduce new security initiatives, programs and processes as well as changes;
  • Influence on projects and team;
  • Maintain skillset on security and vulnerability trends. Remediate systems based on supplied threat intelligence information;
  • Fulfill daily service requests and resolution;
  • Participates in vulnerability assessment activities;
  • Architect and advise groups in building secure products and services;
  • Engineer, implement and monitor security measures for the protection of computer systems, networks and information;
  • Balance security with end user efficiency and business needs;
  • Review code for common security vulnerabilities;
  • The primary responsibility of the Security Engineer is information security incident management. This includes;
  • Analyze and review complex system requirements from a security perspective;
  • Performing security audits of our information systems and reporting the results to the team and leadership;
  • Coordinate with internal teams to schedule Data Loss Prevention ( DLP ) scans.

Requirements:

  • Makes recommendations to manager on decisions of complex, multifaceted nature;
  • Ability to work individually and as part of a team;
  • Hands-on experience with IT Systems administration and infrastructure;
  • Must be able to synthesize multiple data points across a number of business and technical domains;
  • Understanding of current security threats, real-world attacks and mitigations;
  • 2 years’ experience with DevSecOps tools and processes to include, but not limited to Git, Concourse, SonarQube, Fortify and ThreadFix;
  • A Bachelor’s Degree in Computer Science, Cyber Security or similar disciplines;
  • Previous experience as a Release Engineer, Development Operations (DevOps) Engineer, or Software Engineer is mandatory;
  • You have 4+ years of experience specifically within security engineering (Compliance heavy industries preferred but not required);
  • Able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms;
  • Knowledge of specific attack types and common security bug categories;
  • Applying computer security best practices and principles to deployed information systems;
  • Nessus or other vulnerability scanner;
  • Strong understanding of web service technologies (XML, JSON, SOAP, and REST);
  • Problem solving skills and ability to work under pressure.