Information Security Engineer

Our client is a global leader in providing trusted information and insights to accelerate the pace of innovation. They offer subscription and technology-based solutions coupled with deep domain expertise that cover the entire lifecycle of innovation – from foundational research and ideas to protection and commercialization

As an Information Security Engineer, you will be responsible for planning, implementing, and coordinating risk management, risk mitigation and recovery programs within your areas of responsibility. Oversees ongoing compliance efforts across technology, developing and providing controls, standards, process improvement recommendations, technical guidance, leadership, awareness, and education on compliance and information security practices. You will also bring a level of specialization in cloud services.

Job Responsibilities

• Provide security advisory services support by recommending improvements in information security systems, procedures and processes based on industry best practices and innovative thinking
• Define requirements, based on the overall information security strategy, and implement capabilities to comply with established standards to help mitigate security risks
• Provide responses to customer security questionnaires and internal and external auditors regarding information security capabilities and controls
• Monitor for security incidents and participate in incident response teams to contain, investigate, and prevent future information security incidents
• Understand current and emerging security threats and design security capabilities to mitigate threats where possible
• Stay abreast of new security technologies and integrate them into the security architecture design where appropriate
• Analyze IT projects and roadmaps and identify security dependencies and risks, and design solutions to remediate information security risks
• Manage all information security capabilities including threat management, vulnerability management and incident management
• Design, implement and test information security controls in enterprise, cloud, and product environments
• Write and enforce information security policies, standards, guidelines and standard operating procedures
• Participate in internal Blue and Red Team activities

 Job Requirements

• Proven track record for delivering results
• Advanced interpersonal and communication skills with the ability to collaborate effectively in a team environment and promote ideas at various levels of the organization
• Strong self-directed work habits exhibiting initiative, drive, creativity, maturity, self-assurance, professionalism and the ability to autonomously manage multiple concurrent projects
• Advanced analytical and decision-making skills
• Minimum of 7 years of hands-on technical experience designing, implementing, and supporting information security solutions in enterprise and cloud environments
• Expert-level knowledge of security principles and technologies in application, infrastructure, network, cloud and endpoint security
• Experience working with security vendors to evaluate products, analyze security functionality and submit feature requests
• Experience with Linux, Windows and Mac OS X operating systems
• Experience with scripting languages, data structures, and API integrations
• Previous consulting or sales engineering experience is ideal
• Bachelor’s degree (Master’s degree is ideal) in computer science or equivalent experience
• CISSP or SANS GIAC certification