Job Summary:

As an Information Systems Security Engineer (ISSE), you will be responsible for designing, implementing, and maintaining secure systems and networks from potential hackers and cyber-attacks. You will work closely with cross-functional teams, including IT, DevSecOps and engineering to ensure that systems and networks are secure, compliant with applicable regulations, and protected against unauthorized access and other security risks. You will be responsible for identifying vulnerabilities and potential threats, conducting risk assessments, and developing and implementing security solutions to mitigate risks of Cybersecurity threats.. You will also be involved in incident response, security monitoring, and security policy development.

Key Responsibilities:

• Design, implement, and maintain secure systems and networks, including servers, routers, switches, firewalls, intrusion detection/prevention systems, and other security devices.
• Install security software, perform security testing of data processing systems, update computer virus protection systems, evaluate security violations and train users in security system procedures.
• Perform vulnerability assessments, penetration testing, and risk assessments to identify and prioritize potential security risks and vulnerabilities.
• Develop and implement security measures, policies, and procedures to protect systems and networks against unauthorized access, data breaches, and other security incidents.
• Monitor and analyze security logs and events, and respond to security incidents in a timely manner.
• Conduct security audits and assessments to ensure compliance with applicable regulations, industry best practices, and organizational security policies.
• Collaborate with cross-functional teams to ensure that security requirements are incorporated into system and network design, development, and implementation processes.
• Provide technical expertise and guidance to IT, DevSecOps, and engineering teams to ensure that security controls are effectively implemented and maintained.
• Stay updated on the latest security threats, technologies, and industry trends, and provide recommendations for improving security posture.
• Participate in incident response activities, including investigation, containment, and recovery efforts, as needed.
• Implement and maintain Cyber security controls and practices.
• Provide training and awareness programs to educate employees and users about security best practices and procedures.

Qualifications:

• Bachelor's degree in Computer Science, Information Technology, or related field.
• Relevant professional certifications, such as CISSP, CISM, CEH, or other security certifications.
• Minimum of 8+ years of experience in information system security engineering, network security, or a related field.
• Strong knowledge of security principles, best practices, and industry standards, such as NIST, ISO 27001, and CIS Critical Security Controls.
• Hands-on experience with security technologies, such as firewalls, IDS/IPS, SIEM, DLP, antivirus, and vulnerability scanning tools.
• Great awareness of cybersecurity trends and hacking techniques.
• Has experience implementing the 7 layers of Cybersecurity.
• Experience with risk assessment, penetration testing, and incident response methodologies.
• Strong understanding of networking concepts and protocols, such as TCP/IP, VLANs, VPNs, and routing/switching.
• Familiarity with security-related regulations, such as SOC, SOX, GDPR, HIPAA, and PCI-DSS.
• Excellent analytical, problem-solving, and troubleshooting skills.
• Strong communication and interpersonal skills, with the ability to effectively communicate complex security concepts to technical and non-technical stakeholders.