Previous Job
Previous
Information Security Engineer
Ref No.: 18-08503
Location: Richmond, Virginia
Job Description:
I. BRIEF POSITION SUMMARY:
Under limited direction, performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional and inadvertent access or destruction. Interfaces with application development, infrastructure, and user community to understand their security needs and implement processes and procedures to accommodate them. Responsible for technical architecture and recommendations related to data security for both application development and IT infrastructure projects. Develops the necessary procedures to maintain security and educates the user community. Provide status reports and audit results to the Information Technology Security Manager

II. PRIMARY DUTIES AND RESPONSIBILITIES:

 Respond to information technology related security incidents and perform mitigations required to protect critical resources.
 Lead vulnerability management, scanning, testing and remediation program, reviewing computer systems configuration to ensure a secure computing environment.
 Performs detailed analysis of security vulnerabilities developing risk-based business recommendations.
 Gathers information from the business and I.T. department to develop new security related processes and procedures to continuously improve the security posture of the organization.
 Partner with application developers to review commercial and internally-developed applications to determine risk and compliance with required security control and help to determine secure solutions.
 Monitor emerging IT security threats and develop appropriate response measures.
 Assist with the development of security related training and awareness programs.
 Work with internal and external auditors as required on the evaluation of audit policy compliance.
 Mentors others in the information security program.
 Assist in the integration of various enterprise applications to the identity management platform
 Implement, deploy and support new identity management and single sign-on solutions.
 Assist in the development of policies for authentication and authorization security
 Perform identity and access duties as needed.
 Able to independently drive tasks and projects to successful completion through effective project management, customer interaction, and IT coordination
 Ability to learn the business processes implemented in the team's applications in order to provide resolution to support problems
 Can effectively categorize support problems and respond with the appropriate level of urgency, steering support tasks to the appropriate team
 Ability to participate in a 24x7 on-call rotation as scheduled, and the ability to perform after hours support as needed.

III. QUALIFICATIONS:

 Requires a detailed knowledge of various Security Analysis tools to include but not limited to, vulnerability assessment software, virus scanning software, intrusion detection software, wireless network detection software and eDiscovery software.
 Strong understanding of key compliance regulations such as Sarbanes-Oxley, GLBA,HIPPA and Payment Card Industry (PCI).
 Detailed knowledge and experience with network and applications protocols such as TCP/IP, HTTP, or SMB.
 Extensive Understanding of network controls such as Firewalls, ACL, Intrusion Detection Systems and Proxies.
 Able to work in both UNIX and Windows operating systems.
 Detailed knowledge of user administration, authentication methods, file permissions, groups, and domain concepts.
 Able to compare and contrast alternative security approaches and methodologies to select the best method while meeting business objectives.
 Able to asses, identify, and document system security deficiencies and recommends solutions.
 Excellent communication skills to include but not limited to verbal and written communication; delivering organized presentations; able to tailor message to the audience; and facilitate group discussions with diplomacy and seek diverse opinions
 Requires strong analytical and organizational skills.
 Ability to effectively estimate the efforts of others and the impact required to accomplish requested tasks/projects.
 Excellent analytical, troubleshooting, and problem solving skills and performs well in high pressure or stressful situations.
 Excellent organization and time management skills.


#INDVA