Information System Security Engineer - Permanent
Posted on: March 15, 2023
POSITION SUMMARY: Security specialist responsible for protection
of information and information systems from unauthorized access,
use, disclosure, disruption, modification or destruction; physical
and personnel security to protect information and other valuable
assets physically stored within facilities and installations; as
well as communications and network security to protect electronic
information in transit over networks.
> This position will have direct involvement in a wide range of concerns and projects including the development of secure architectures and methodologies requiring security best practices and use of industry standards, such as ISO 27002, etc. Guiding compliance to major governance and regulatory standards such as PCI DSS, MA Data Privacy and SASE 16 is a key position goal. Deploying and maintaining enterprise encryption and endpoint security both for managed and unmanaged assets, performing forensic investigations and reporting / documenting conclusions of such investigations is required. Front line management of security events and information management systems maintaining security is also required.
> ESSENTIAL FUNCTIONS:
> Maintain necessary documentation to support security strategy by outlining the requirements and benefits of specific security tools and/or solutions. Maintain and update security documentation including diagrams, security standards, and disaster recovery manuals.
> Interface with groups and individuals to resolve security issues related to implementation of network and product security.
> Application of specific security skills to design, develop, deploy, monitor, maintain, and control the suite of tools used by the Information Security team.
> Apply current security technologies to the design and integration of enterprise application infrastructures to maintain overall security.
> Use penetration and vulnerability analysis of various products and applications, and provide skillful, resourceful written reports including deep technical analysis and high-level non-technical overview.
> Assist in monitoring, investigating, documenting in detail and resolving identified security weaknesses, and recommend documented resolutions for enhancement.
> Desired Skills and Experience
> EDUCATION: Bachelor's degree in Engineering or Computer Science or equivalent combination of education and work experience. Desirable certifications: CISSP, CCIE Security. UNIX & Microsoft certifications a plus
> EXPERIENCE: 5 - 10 years information security or related engineering experience. Fundamental understanding of risk-based information security management, as well as knowledge of applicable regulations, standards, and guidelines pertaining to information assurance (FIPS, NIST, ISO Standards). Ability to work with the development, integration, and infrastructure teams in implementing security controls. Ability to articulate vulnerability and risk based on technical security posture. Ability to support the development of system level plan of action and milestones. Experience working on Microsoft-based, complex systems in the security engineering role using the security features of Windows 2003/2008 Server products, Windows XP/7, IIS, Sharepoint, Exchange and SQL Server products. Experience as a security engineer or systems engineer including systems architecture, evaluation, requirements analysis, implementation, and process execution.
POSITION SUMMARY: Security specialist responsible for protection of information and information systems from unauthorized access, use, disclosure, disruption, modification or destruction; physical and personnel security to protect information and other valuable assets physically stored within facilities and installations; as well as communications and network security to protect electronic information in transit over networks.
Keywords: , Medford , Information System Security Engineer - Permanent, IT / Software / Systems , Medford, Massachusetts
here to apply!