Security Engineer Job Description Template
Our company is looking for a Security Engineer to join our team.
Responsibilities:
- Regularly required to use hands to finger, handle or feel objects, tools or controls, and reach with hands or arms;
- Penetration testing and Vulnerability Management;
- Introduce new security initiatives, programs and processes as well as changes;
- Influence on projects and team;
- Maintain skillset on security and vulnerability trends. Remediate systems based on supplied threat intelligence information;
- Fulfill daily service requests and resolution;
- Participates in vulnerability assessment activities;
- Architect and advise groups in building secure products and services;
- Engineer, implement and monitor security measures for the protection of computer systems, networks and information;
- Balance security with end user efficiency and business needs;
- Review code for common security vulnerabilities;
- The primary responsibility of the Security Engineer is information security incident management. This includes;
- Analyze and review complex system requirements from a security perspective;
- Performing security audits of our information systems and reporting the results to the team and leadership;
- Coordinate with internal teams to schedule Data Loss Prevention ( DLP ) scans.
Requirements:
- Makes recommendations to manager on decisions of complex, multifaceted nature;
- Ability to work individually and as part of a team;
- Hands-on experience with IT Systems administration and infrastructure;
- Must be able to synthesize multiple data points across a number of business and technical domains;
- Understanding of current security threats, real-world attacks and mitigations;
- 2 years’ experience with DevSecOps tools and processes to include, but not limited to Git, Concourse, SonarQube, Fortify and ThreadFix;
- A Bachelor’s Degree in Computer Science, Cyber Security or similar disciplines;
- Previous experience as a Release Engineer, Development Operations (DevOps) Engineer, or Software Engineer is mandatory;
- You have 4+ years of experience specifically within security engineering (Compliance heavy industries preferred but not required);
- Able to critically examine an organization and system through the perspective of a threat actor and articulate risk in clear, precise terms;
- Knowledge of specific attack types and common security bug categories;
- Applying computer security best practices and principles to deployed information systems;
- Nessus or other vulnerability scanner;
- Strong understanding of web service technologies (XML, JSON, SOAP, and REST);
- Problem solving skills and ability to work under pressure.