The Systems and Security Engineer role is to ensure the secure operation of Enterprise computer systems, servers, applications, network connections and controls. This includes involvement in the implementation of new security solutions, participation in the creation and maintenance of policies, standards, baselines, guidelines and procedures as well as conducting vulnerability audits and assessments. You will serve as the subject matter expert of internal security and work closely with IT, Compliance and other teams when needed. The Enterprise Security Operation Engineer is expected to be fully aware of the organization’s security goals as established by its stated policies, procedures and guidelines and to actively work towards upholding those goals.

Ensure all tasks performed adhere to the firm’s ISO 27001 Information Security Management System (ISMS).  This includes participation in annual information and network security training and acceptance of spot checks on an ad hoc basis to guarantee that InteliSecure is constantly improving upon the organization’s ISMS.  Each member of our team must understand the importance of the ISMS and the subsequent handling of customer data.

DUTIES & ESSENTIAL JOB FUNCTIONS:

• Plan and design security architecture for all systems. Collaborates on critical IT projects to ensure that security issues are addressed throughout the project life cycle. Works with the IT department and members of the information security team to identify, select and implement technical controls.

• Assist in the implementation of security best practices in accordance with ISO 27001 Information Security Management System and other nation/international security standard.

• Reports to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance.

• Maintains and builds relationships with business units and serves as an information consultant to teams and manager to ensure compliance with information security standards and guidelines through applicable policies, procedures and processes.

• Documents security concerns and alerts the Manager of Security and Compliance to security issues in a timely manner upon discovery. Maintains status reports and priority of all security issues on a regular basis.

• Provides day-to-day management of the Information Security Program. Creates and maintains procedures for auditing information regarding access to and creation of data. Monitors security reports for unauthorized, inappropriate access and/or intrusions in accordance with department policy/protocol.

• Assists in the testing, selection, placement, implementation, documentation, operation and maintenance of various information security technologies.

• Develops Information Security education training for continuing education and orientation programs to all employees and staff members.

• Assists in the preparation of information systems to resume normal operation of all the essential information systems and networks after events such as disaster recovery, vandalism and equipment failure.

• Monitors security reports generated for unauthorized access and possible security breaches identified through review of audit reports or received from individuals. Follows department policy/protocol in reporting security breaches and apparent security breach attempts.

• Demonstrates familiarity with legal requirements relating to information security and keeps abreast of current trend and development on the field.

• Performs a variety of related duties as assigned.

QUALIFICATIONS:

•  3 - 5 years of Computer Networking, Technical Support, System Administration or Network Security experience
• Bachelor’s Degree in Computer Science or related disciplines. Experience may be considered in lieu of a degree
• Knowledge of TCP/IP basics
• Strong passion and mindset for security development and technologies
• Knowledge in common InfoSec best practices
• Ability to work effectively with team members
• Self-motivated, with ability to manage and follow up on multiple tasks simultaneously
• Ability to communicate complex ideas and solutions to a variety of audiences
• Strong time management skills
• Must be able to work off hours and participate in on-call rotation.
• Excel working in complex, fast paced, fluid environments

PREFERRED:

• Currently holding multiple industry certifications (CISSP, OSCP, GIAC)
• Experience with various security solutions (IPS, SIEMs, Firewalls, etc.)
• Deep understanding of Unix/Linux Windows and OSX
• Extensive information security knowledge and experience typically acquired through 5 to 7 years of related experience.
• Understanding of business processes and non-technical requirements
• Deep understanding of security methodologies ISO 27001 and ITIL