Information Security Engineer

Role Summary: Designs and implements technical solutions for protecting the confidentiality, integrity and availability of sensitive information. Provides technical evaluations of client systems and assists with making security improvements. Provides technical support in the areas of vulnerability assessment, risk assessment, network security and security implementation. Conducts testing and audit log reviews to evaluate the effectiveness of current security measures. Conducts security product evaluations, and recommends products, technologies and upgrades to improve the client’s security posture.

Responsibilities:

• Customizes, validates, administers and supports a variety of enterprise wide information security platforms, systems, frameworks and applications, based on requirements provided by management;
• Develops implementation plans related to information security for systems, tools, platforms, and frameworks.
• Conducts security assessments of systems, tools, platforms, policies, procedures and frameworks.
• Creates designs and diagrams related to information security for systems, tools, platforms, and frameworks.
• Develops standard operating procedures for information security related to systems, tools, platforms, and frameworks.
• Leads audits and reviews designs for information security issues.
• Validates vulnerabilities identified during security testing, audits, and assessments, while reviewing for false positives.
• Understands large scale multi-tenant software products supporting multiple government agencies.
• Understands large scale software integrations of multiple software products.
• Acts as source for direction, training and guidance for less experienced information security engineers.
• Works with engineering teams to define and refine information security and systems management policies and settings.
• Evaluates new and emerging products, technologies and make recommendations to leadership concerning introduction of new technologies.

Required Skills

• > 6 years of information security experience for state and/or federal agencies required.
• > 6 years of leading information security assessments, policy development, framework implementation, and tool implementation.
• Must have knowledge of one or more of the following products: Broadcom Identity Manager, Identity Suite and Single Sign On.

Preferred Skills

• Undergraduate degree
• Certification from Information Security Program (CISM, CompTIA, GSEC, CISSP, etc.) Preferred.
• Preferred knowledge of one or more of the following products: Dell Nutanix, Dell VxRail, VMware ESXi/vCenter/NSX/SRM, Microsoft Windows Server, RedHat Enterprise Linux, MS SQL Server, Nagios, NewRelic APM/Infrastructure/Browser, Octopus Deploy, Puppet, Splunk, Veracode.