Information Security Engineer
Information Security Engineers are responsible for planning and implementing security measures to protect computer networks and systems from unauthorized access. Information Security Engineers are expected to stay up-to-date on the latest cyber-security intelligence in order to anticipate security breaches. They are also responsible for preventing data loss and cyber-attacks by researching new technologies and methodologies that will effectively protect a network. Maintains the security, reliability and performance of computing systems that support the organization including firewalls, SIEMs and other security monitoring devices. Work with other administrators, users andIT management to resolve security challenges and implement new IT security solutions or services. Makes recommendations regarding security enhancements, evaluates and works with vendors on purchasing of cyber-security products. Works with other internal IT business units in designing secure systems and networks, performing risk assessments and vulnerability testing of systems.
- Implement and maintain network firewalls, Security Information and Event Management (SIEM) systems and other security monitoring systems and security measures
- Monitor computer networks and systems for security issues
- Filtering security and system log data to find suspicious activity, finding and mitigating risks before breaches occur
- Investigate security breaches and other cyber security incidents to identify root causes
- Conduct security assessments through vulnerability testing, penetration testing and risk analysis
- Verifying the security of third-party vendors and collaborating with them to meet company security requirements
- Recommends, designs and implements new cyber-security technologies and methodologies to protect systems and networks
- Keeps up to date with latest IT security trends and news in cyber security
- Serves as a technical expert on issues of information security and secure network and systems operations
- Assists in development, implementation and enforcement of network and computer security policies and procedures including incident response and disaster recovery plans
- Document systems and network security designs and processes
What You'll Need:
- Minimum of 4 years experience in information technology with a minimum of 2 years in information security
- Expertise in cyber security, firewalls, network security, security information and event management (SIEM), application security, security engineering and security architecture
- Ability to identify and mitigate vulnerabilities and explain how to avoid them.
Solid understanding of TCP/IP, computer networking, VPN, routing and switching and other network fundamental
- Solid understanding of on premise OSes (Windows, linux) and Cloud computing platforms as they relate to security
- Solid understanding of social engineering and behavioral risks
- Ability to perform vulnerability testing, penetration testing and risk assessments of applications and infrastructure
- Experience managing security in Software as a Service(SaaS) solutions
- Experience implementing and managing security controls for network on premise solutions (Wireless Access Points, Switches, Firewalls, MDM)
- Experience with system configuration and hardening guidelines for on-premise systems.
Familiarity with NIST 800 and ISO 27001 standards
- Detail-oriented and analytical mindset
- Excellent report writing and communication, ability to work well independently or with a team
- 4+ years of experience in information security or related field
- Security certifications or credentials such as CISSP, CISM, etc
- Strong Windows and Linux support skills
- Experienced in cloud networking and systems architecture and security hardening in cloud environments
- Experience with scripting languages such as PowerShell, Python, Ruby, etc
- Experience writing technical documentation, including security baselines/hardening guides.
Click here to learn more about Life at Laserfiche
Laserfiche complies with all Equal Opportunity and Affirmative Action regulations. Laserfiche makes all employment decisions – such as recruiting, hiring, training, promotion, compensation, professional development practices, discipline and termination – without regard to race, religion, color, national origin, ancestry, citizenship, sex, pregnancy, age, creed, physical or mental disability, medical condition, genetic characteristic, marital status, veteran status, gender identity/expression, sexual orientation or any other characteristic protected by law, except as may be permitted by law.
***Please note that this is NOT a remote role***