Previous Job
Previous
Information Security Engineer
Ref No.: 18-00932
Location: Raritan, New Jersey
Start Date / End Date: 06/25/2018 to 01/31/2019
NOTES: A focus on security operations, security triage, cyber investigation, phishing, threat hunting will be beneficial.​​​​​​​

We are currently seeking an Information Security Engineer. As our company continues to grow, we are seeking an Information Security Engineer for our technical Information Security team. Reporting into the Senior Manager of Information Security, this resource will have global responsibility for two critical Information Security areas: 1. Develop, design, implement and execute security vulnerability assessments and consulting on remediation recommendations. 2. Analyze and respond to a range of security alerts covering all locations and the ability to communicate with all levels within the company. The position will assist the Senior Manager to design, implement and provide ongoing relevant information security services as well as communicating risks, exposures, or threats to relevant stakeholders. The Information Security Engineer also serves as a strong consultant to the enterprise business units, application, and technical teams.

Responsibilities:
  • Monitor, respond and evaluate the trending of security alerts generated from several heterogeneous security devices.
  • Establish technical standards and process that ensure industry best practices for Information Security are applied to IT and Business systems
  • Provide Incident Response (IR) support when analysis confirms the actionable incident.
  • Monitor, evaluate and provide threat and vulnerability analysis as well as security advisory services.
  • Ensures all information security deployments are properly implemented and supported.
  • Monitor, analyze and respond to previously undisclosed software and hardware vulnerabilities.
  • Investigate, document, and report on information security issues and emerging trends. Remain current, identify new functionality to meet business needs and foster knowledge sharing.
  • Integrate and share information with other analysts and teams
  • Manage tracking and remediation of vulnerabilities by leveraging agreed-upon action plans and timelines with responsible technology developers and support teams.
  • Assist with policy, standards, process and procedural updates as part of comprehensive remediation solutions
  • Validate remediation by reviewing application updates or deployed mitigations to verify resolution.
  • Provide security consulting services, as needed, to various projects to ensure all information security needs are met
  • Work with minimal supervision and be responsible for independently making a broad range of critical decisions. Apply sound judgment, escalating issues, and decisions to the appropriate executive when necessary.
Requirements
  • Minimum of five (5) years with an emphasis on global information risk management threat and/or vulnerability analysis and/or security monitoring/incident analysis. Demonstrated hands-on experience with vulnerability scanning tools as well as SIEM technology is required.
  • Strong technical knowledge in information security including:
    • operating system administration for Windows and UNIX servers,
    • desktop Windows and Mac systems,
    • application and database security,
    • network access control systems, and/or
    • web development, network, and Internet security
    • Cloud and virtual hosting environments.
  • Demonstrated familiarity with the administration and use of networking devices including Cisco routers and switches, wireless access points, Palo Alto firewalls, load balancers and VPN devices.
  • Working knowledge of IP-based protocols including the ability to perform network traffic analysis with Wireshark.
  • Membership in regional and national security organizations such as ISSA, ISC2, ISACA, ACFE, ECTF, Infragard, etc. desired.
  • Professional certification as a Certified Information Systems Security Professional (CISSP) or other industry recognized information security credential is preferred.
  • Knowledge of network technology and information security monitoring practices. Must have demonstrated the ability to apply technology solutions to business problems.
  • High level of personal integrity, ability to professionally handle confidential matters, and reflect an appropriate level of judgment and maturity.
  • High degree of initiative, dependability, and ability to work with little supervision.
  • Effective project management skills and the ability to work on multiple concurrent projects.
  • Possesses and displays excellent verbal and written communication skills with the ability to convey information to internal and external customers in a clear, focused and concise manner. Ability to work with all levels of the organization, both technical and non-technical.
  • Proven ability to recognize opportunities for change and act as a catalyst for change management.