ORS Partners

Information Security Engineer

Job Locations US-Radnor
Posted Date 3 months ago(4/1/2021 3:47 PM)
Client & Job Location : Address
201 King of Prussia Rd
Client & Job Location : Postal Code
19080
Job ID
2021-8046
# of Openings
1
Category
Information Technology
Type
Regular Full-Time

Overview

The Information Security Engineer will be responsible for working with engineering, DevOps, project teams, internal groups, third parties and senior leadership to protect sensitive information.  The Information Security engineer  is accountable for designing, implementing, managing, and reporting on security controls for the organization.  They will be a thought leader, an advocate of change, and a security subject matter expert.  This role has to be able to lead security incident resolution, team development, and is looked to for expert guidance.

Responsibilities

  • Identify risks and mitigation strategies to reduce risk to acceptable levels.
  • Develop, implement and maintain a comprehensive security awareness program for both internal team members and external customers.
  • Represent Information Security on projects.
  • Facilitate and coordinate all internal and external audits, respond to findings and manage remediation efforts.
  • Manage technical environments within the organization.

Qualifications

  • Minimum 5 years of experience working as Information Security professional
  • Experience deploying, operating and maintaining Enterprise Information Security programs and controls in the financial service sector
  • Knowledge in the following information security areas:
    • Security Governance and Management
    • Security Frameworks, Policies and procedures
    • Federal, State Privacy Laws and regulatory guidelines including FDIC, FFIEC and NIST publications.
    • Security awareness training.
  • Application security controls and awareness of top security considerations for application development in the Software Development Lifecycle
  • Database security controls, including access control, auditing, and configuration best practices
  • Identity & Access management with Active Directory
  • Risk management including vulnerability assessment, control assessment, likelihood determination and risk prioritization
  • Privacy and data protection techniques and associated tools
  • Problem Solving, Process Improvement, Project Management, Network Protocols, Routers, and Switches
  • Understanding of network architecture and concepts, application architecture, and interoperability of these architectures with one another.
  • Understanding of computer and network forensics, system and network security, incident management, intrusion detection, vulnerability and patch management, log analysis, and related technologies.
  • Demonstrated ability to work well on collaborative, cross-functional teams. Solid interpersonal skills with ability to work effectively with people of all levels of information technology expertise with a wide range of constituencies and organizational relationships.
  • Excellent analytical and data gathering skills
  • Understanding of Project Management tools, techniques & methodologies.
  • Excellent communication skills; inter personal; organizational and analytical skills, written and verbal communications, experience with management presentations
  • Demonstrated ability to conduct risk assessments, audits and reviews.
  • Bachelor's degree in Computer Science, Computer Information Systems, Information Management or equivalent work experience.
  • CISSP, GIAC, CISA, CISM or similar industry certifications highly preferred.

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed