| This posting has been closed |
Seeking a Lead Information Security Engineer for a 100% Remote position.
The Lead Information Security Engineer (LISE) will be responsible for providing engineering design, analysis, and support for routers, firewalls, networks, and operating systems. The role The LISE must be able to translate the IT-risk requirements and constraints of the business into technical control requirements and specifications, as well as develop metrics for ongoing performance measurement and reporting. The ISM coordinates the IT organization's technical activities to implement and manage security infrastructure, and to provide regular status and service-level reports to management. This role will report to the Director of Infrastructure and Operations and have a dotted line to the Chief Security Office.
Responsibilities
- Develop global strategic security roadmaps for focus areas within the company.
- Manage daily operations of information security systems.
- Develop new, and mature existing information security and risk policies.
- Develop, administer, mature and fine-tune security operational processes to ensure compliance with policies and regulatory agencies.
- Manage the security oversight of information systems assets and the protection of systems from intentional or inadvertent access or destruction.
- Partner with functional areas of the organization to define an Information Security/Risk strategy to address the data protection requirements necessary to comply with policies, applicable
regulations and legal requirements. - Define, initiate, and lead an on-going information security maturity assessment process, using an industry accepted framework, feeding the output into the overall information security strategy.
- Provide oversight for the identification, triage and response of events or incidents of apparent security incidents for diagnosis of possible breaches.
- Produce and review key performance indicators for implemented security measures and distribute KPIs.
- Maintain knowledge of threat landscape by monitoring threat intelligence, and other related sources.
- Leads project management, assigning projects, tasks, and milestones to information security team.
- Provides supervision to the information security staff, including coaching, mentoring and training
- Prepares estimated budgets and timelines for technical projects based on resources needed.
- Other job duties as assigned.
Skills Requirements
- Technical expertise in network security knowledge, to include VPN, firewall, network monitoring, intrusion detection, web server security and wireless security, cloud, OT, and the Internet of Things
(IoT) - Practical experience with database security, content filtering, vulnerability scanning and anti-malware
- Proficiency with at least one scripting language (e.g., Perl, Python and PowerShell)
- Understands business needs and has a commitment to delivering high-quality, prompt and efficient service to the business
- Understands organizational mission, values, and goals and consistently applies this knowledge
Required Education/Experience
- Bachelor’s Degree in Computer Science or a related technical discipline, or the equivalent combination of education, professional training or work experience.
- 3+ years of related experience in data security administration
- 1-2 years of previous supervisory experience preferred.
- Experience with Security governance and policy creation
- Experience with Security risk analysis
- Experience with logging and monitoring systems
- Experience with intrusion detection and prevention systems
- Experience with Proxy filtering systems
- Experience with scanning and vulnerability management systems
- Experience with Advanced Malware Protection
- Experience with Threat Intelligence
- Experience with Incident Response methodology in investigations, and the groups behind targeted attacks and tactics, techniques, and procedures
- Incident Management – analysis, detection and handling of security events
- Certifications highly desired. (CISM, GIAC, CISSP, CEH, CCSP, Security +).