IT Security Engineer
The incumbent’s primary responsibility is to secure enterprise information by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; and mentoring team members. The incumbent holds a leading role in the IT Security Department and applies in depth security knowledge and expertise to secure the OF’s various
applications, databases, etc. The incumbent identifies potential threats to the IT infrastructure and recommends enterprise security enhancements. The Information Security Engineer will work on project teams as a technical expert and deliver quality products according to project schedule. The incumbent must possess the ability to effectively lead and influence others without direct managerial authority,
using collaboration, coordination and self-motivation.
The incumbent serves a critical role in support of the function as the company's fiscal agent in the analysis, issuance and servicing of the multi-billion-dollar debt portfolio. The accuracy and the availability of these security systems are critical to the successful operation of the company.
- Act as subject matter expert in Network Firewalls/Web application firewalls.
- Determine security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; and preparing cost estimates.
- Maintain security posture by monitoring and ensuring IT Security compliance to standards, policies, and procedures; conduct incident response analyses; develop and deliver training programs.
- Enhance existing architecture and design through planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; and mentoring team members.
- Use technical knowledge of current attacks to identify flaws and weaknesses in the composition and design of networks, remote access schemes, systems and applications to specify solutions, verify the solutions that have been implemented, and rapidly adjust designs based on new threat and attack information as acquired.
- Provide engineering support, troubleshooting, administration, and evaluation of all preventative and detective security technologies such as:
- Malcode detection, network access controls, web/email content filtering, intrusion detection and vulnerability management.
- Technical and project lead on IT Security initiatives. Works closely with Windows Engineers, Linux Engineers, Application Development and Architects.
- Generation and documentation of operational processes, procedures, and incident response plans where necessary.
- Engineers solutions with a Business continuity mindset
- Acts as technical lead on security focused audit findings
- Minimum 5+ years of experience designing, deploying, configuring, supporting, troubleshooting, debugging and administering Network Security Products (Firewalls, Proxy, IDS/IPS, Load balancers, etc)
- 5+ years experience in IT security field
- 5+ years experience practicing Change, Problem and Incident management processes in an ITIL fashion in an enterprise environment
- Ability to analyze, use and configure large enterprise networks
- Proven crisis management skills
- Understanding of malware, emerging threats, attacks, and vulnerability management
- Through understanding of network protocols such as TCP/IP and web protocols (HTTP/HTTPS)
- Through understanding / working knowledge of data security controls, protocols and methods
- System administration experience with various web server technologies (IIS/Apache) and application server technologies (IIS/Apache Tomcat/Coldfusion)
- Recent responsibilities showing a progression to that of a “Tier 3” Support Engineer (or similar capacity)
- College degree in relevant field a plus
- Motivated, passionate, team-player traits required
- Industry certifications are preferred but not required. (Security+, CEH, CISSP)
- Strong problem solving skills
- Strong written and oral communication skills
- Working knowledge of firewall technologies, Checkpoint preferred
- Strong understanding of Local & Wide Area Networks (LAN/WAN) and Working knowledge of dynamic routing protocols (such as BGP, EIGRP, OSPF, etc.)
- Fundamental knowledge of *NIX (Sun Solaris, LINUX, Windows, etc)
- Ability to initiate and complete assignments accurately and on time, with minimal supervision
- Ability to work effectively with vendor technical support channels
- Ability to analyze and solve problems independently
- Comprehensive understanding of the terminology, principles and application of fault tolerance high availability and disaster recovery preparedness