Overview
Reports to: Information Security Architect Supervisor
Functions Supervised: None
Primary Functions: Provide security engineering support via network security implementation, analysis, testing and monitoring.
Duties and Responsibilities:
- Assist with implementing, testing, managing, monitoring, and upgrading security solutions for the protection of the organization's data, systems, and networks.
- Assist in the development of best practices, policies, programs, procedures, and security standards for the organization.
- Serve as escalation point for Information Security Analysts.
- Analyze and correlate security events and implement countermeasures to mitigate attacks.
- Provide information security support in the design, integration, deployment, and troubleshooting of enterprise information security solutions.
- Collaborate with team members to analyze security needs/requirements and assist in developing/implementing security standards/technical solutions.
- Research and identify ethical hacking, intrusion detection/prevention technologies, secure coding practices, and threat modeling.
- Implement secure network architectures, virtualization technologies, identity and access management principles, application security, encryption technologies, DNS, SOA, and web applications as directed.
- Provide security engineering recommendations and assist with planning and implementation of long-term projects.
- Troubleshoot complex multi-network firewall policy issues.
- Understand incident response methodologies and assist with security incidents.
- Maintain a working knowledge of Offensive Security, TCP/IP, HTTP, FTP, cookies, authentication, virus scanning, web servers, and encryption.
- Decode and understand traffic flow using packet-level traces (skilled with TCPDUMP, PCAPs, traffic generators, etc.).
- Identify common network and website attacks such as SQL injection, cross-site scripting, remote file inclusion, and cookie manipulation.
- Maintain a working knowledge of authentication, session management, requests, and form submission processes.
- Maintain a working knowledge of server-grade applications including Exchange, DNS, SMTP, IIS, Apache, SharePoint, Active Directory, Identity Management, Patch Management, LDAP, and SQL.
- Perform IDS/IPS real-time monitoring analysis and/or network forensics.
- Maintain a working knowledge of regulatory and audit mandates to ensure environments meet PCI, FFIEC, NCUA, and industry standards.
- Serve on-call as scheduled.
- Other duties as assigned.
Qualifications
Education: Bachelor’s degree in Computer Science, Information Technology, or related field.
Creditable Experience in Lieu of Education: One to two years’ experience equivalent in technical training, certifications, and/or work experience.
Experience/Skills: One of the following industry security certifications is desirable: Certified Information Systems Auditor, Certified Information System Security Professional, Certified Ethical Hacker, any Level 5 GIAC Certification, or other advanced level certification. General knowledge of how offensive security attack vectors work, including Phishing, privilege escalation, buffer overflow, and lateral movement, to name a few. One to two years demonstrable experience managing or implementing enterprise security solutions. A minimum of one to two years experience with holistic security engineering, experience with firewalls, IDS/IPS, endpoint solutions, proxy servers, web application firewall, security incident or event management systems, data loss prevention, routers, switches, subnets, and VLANs desired. Requires knowledge of Transmission Control Protocol/Internet Protocol (TCP/IP) and communication protocols in LAN/WAN deployments. Demonstrated ability to successfully manage and coordinate multiple time-sensitive activities. Excellent verbal and written communication, organizational, and interpersonal skills required.
Tenure: Assignment to the Information Security Engineer I category 09, Information Security Engineer II category 08, Information Security Engineer III category 07, or Senior Information Security Engineer category 06 will be determined by the candidate's education or experience. Advancement requires management recommendation and will be based on the candidate's certifications and/or performance.
Compensation
Salary Pay Range:
- Information Security Engineer I (Category 09): $63,233 - $101,804 annually
- Information Security Engineer II (Category 08): $72,717 - $119,983 annually
- Information Security Engineer III (Category 07): $80,000 - $137,981 annually
- Senior Information Security Engineer (Category 06): $90,000 - $155,000 annually
Starting base salary will be determined based on candidate experience, qualifications, education, and local or state wage requirements, if applicable, and will fall within the range provided above.
In accordance with our Salary Administration policy, new hire base salaries generally fall within the minimum to midpoint of the listed range.
Benefits
- Short-term and long-term incentives
- Comprehensive medical, dental, and vision insurance plan that has HSA and FSA options
- 401(k) plan with a 5% match
- Employee Assistance Program (EAP)
- Life and disability coverage
- Voluntary cash benefits for accident, hospitalization, and critical illness
- Tuition Reimbursement
- Generous leave programs including Paid Time Off accrual, Paid Sick Leave, Paid Holidays
Equal Opportunity Employer
#J-18808-Ljbffr