This site uses cookies. To find out more, see our Cookies Policy

Sr. Information Security Engineer in Dallas, TX at Vaco

Date Posted: 5/1/2018

Job Snapshot

Job Description

The Senior Information Security Engineer serves as a key part of the security operations team to ensure the confidentiality, integrity, and availability of information assets. The Senior Information Security Engineer has extensive responsibilities, primarily focused on the ongoing solution integration, monitoring, maintenance, and configuration of new and existing security infrastructure. The Senior Information Security Engineer provides security oversight and engineering recommendations on new projects including development, network infrastructure, as well as providing quality assurance by ensuring that existing system and network configurations are in line with established security practices. The Engineer serves as part of the Information Security Team and works closely with other internal and external groups with regard to identified security incidents.

Essential Functions:


To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable accommodations may be made to enable qualified individuals with disabilities to perform the essential functions.


Responsibilities:


  • Maintains security systems, including web application firewalls, database firewalls, intrusion prevention systems (network and host), malware detection and analysis platforms, data loss prevention, log aggregators, and other platforms as required.
  • Monitors and maintains security systems for operational/performance issues, required patches, security vulnerabilities, and available upgrades.
  • Interacts with other internal working groups to build and maintain ongoing relationships for the improvement of security posture.
  • Identifies and recommends potential solutions to improve the existing security posture, and performs testing/proof of concept and implementation as appropriate.
  • Serves as part of the incident response team and as escalation point for malware infections and other common security incidents.
  • Responds to audit, compliance, and regulatory requirements as needed.
  • Performs vulnerability scanning and penetration testing as needed to support ongoing security efforts with patching and remediation.
  • Creates detailed security reports as necessary.
  • Other duties as assigned.

Position Qualifications:


  • Solid understanding of technology best practices for application systems development and infrastructure support (operating systems, network and computer operations, production support, and Information Security).
  • Strong understanding of the risks associated with current and emerging technologies as well as the standards and controls being developed to mitigate those risks.
  • Strong understanding of Information Technology regulations, such as Regulation S-P, Gramm-Leach-Bliley Act (GLBA), SOX, GDPR, and FFIEC.
  • Hands on ability and experience gained from multiple IT functional roles in IT governance, operations, engineering, or project management preferred.
  • Progressive experience in monitoring, maintenance, and configuration of security infrastructure (Packet filters, IDS/IPS, Encryption, DLP, Web Application and Database firewalls and monitoring, VPN devices, etc.).
  • Solid background with Windows and Linux (Unix-based) operating systems.
  • Strong verbal and written communications skills.
  • Ability to translate technical information into business language.
  • Knowledge of security frameworks such as NIST Cybersecurity or Top 20 Critical Security Controls or ISO27001
  • Supervisory experience a plus.
  • Excellent organizational skills and the ability to prioritize multiple tasks, projects and assignments.
  • Ability to meet deadlines.
  • Exhibit excellent PC skills, including word processing and spreadsheets.
  • Demonstrate excellent analytical skills and attention to detail.
  • Display excellent time management, organizational and problem-solving skills.
  • Demonstrated judgment and decision-making ability.


Education:


  • A Bachelor's degree or above in business, finance, information systems or related field or equivalent experience.
  • CISA, CIA, CISM, CISSP, and/or CPA designation(s) preferred.
  • Microsoft certification, CCNP (Cisco) certification, Certified Network Engineer or equivalent experience a plus.

Experience:


  • Minimum of 7 or more years in Information Security fields.
  • Ability and desire to work in a team environment with minimal supervision

  • Demonstrated experience maintaining and updating standards and procedures.
  • Demonstrated knowledge of information security standards and methodologies with general understanding of security processes.
  • Understanding of core IT management processes (e.g., Change Management, System Development Lifecycle, Information Security, IT Operations, etc.).
  • Ability to translate control requirements and recommendations into actionable improvements.
  • Prior experience with security tools such as IPS/IDS, Endpoint Security, Patching, AV, DLP, Firewalls, Encryption, Vulnerability Scanners a must.