Information Security Engineer
Company: Grinnell Mutual Reinsurance Company
Location: West Des Moines
Posted on: February 14, 2019
Overview Safeguards information system assets by identifying and solving potential and actual security problems. The information security engineer will identify abnormalities, report violations, and research current and future technologies, provide recommendations for improvement, and ensure the implementation of technologies meet the business goals and secure architecture. Responsibilities
- Develops strategies to respond to and recover from a security breach and implement open-source/third-party tools to assist in detection, prevention, and analysis of security threats. Conducts periodic network scans to find any vulnerability, as well as penetration testing, simulating an attack on the system to find exploitable weaknesses.
- Conducts awareness training for staff on information security standards, policies and best practices.
- Installs firewalls, data encryption and other security products and procedures.
- Develops and implements information security plans and policies.
- Monitors networks and systems for security breaches, through the use of software that detects intrusions and anomalous system behavior.
- Leads incident response, including steps to minimize the impact and then conducting a technical and forensic investigation into how the breach happened and the extent of the damage.
- Provides engineering support to integrate security and compliance requirements into all enterprise information systems and projects as part of the SDLC process by working closely with various IT areas.
- Performs all other duties as assigned. Qualifications
- Bachelor's degree from an accredited college or university in information technology or information security and three or more years of information technology security experience; or equivalent combination of education and experience.
- 5+ years of information technology administration experience preferred.
- Preferred technolgy experience: advanced experience with big data, cloud, and major virtualization technologies. Demonstrated knowledge of technologies (MCSE, MCSA, GCUX, GCWN, CCIE, CCNP, F5, etc.) and security (CISSP, CISA, CISM, GPEN, GWAPT, GCIH, other GIAC certifications, OSCP, CEH, Check Point, PCNSE, etc.).
- Experience with enterprise-ready technologies at a global scale like Windows, Unix, Cisco, Palo Alto; regulatory and industry frameworks and standards (i.e. 20 critical controls, CIS, PCI-DSS, ISO 27000, NIST 800, HIPPA, etc.); and web and network penetration tools and techniques.
- Possesses sound analytical, problem-solving, and critical thinking skills. Must have ability to think creatively.
- Demonstrates ability to communicate in both oral and written fashion to both technical and non-technical personnel. Fosters open and collaborative communication in groups and meetings. Ability to use interpersonal communication skills and to interact with co-employees, customers and supervisors with tact and courtesy.
- Ability to formulate and communicate highly technical and complex security concepts to both technical and non-technical audiences in a clear and effective manner.
- Demonstrates ability to meet deadlines and understand the impact postponing or delays has on others inside and outside division.
- Exhibits self-assurance and a creative aptitude to find solutions beyond the scope of the project while demonstrating understanding of impact to other projects.
- Ability to keep regular work schedule and maintain regular, predictable attendance.
- Ability to work with minimal supervision. Working conditions and physical efforts To perform this job successfully, an individual must be able to perform each job duty and responsibility satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform job duties and responsibilities.
- The position is physically located in the home office or secondary location with a work environment of a typical office setting; noise level is relatively quiet. The position requires an individual to sit for long periods of time, use repetitive motion, and possess visual acuity demanded by work with computer and other LCD screen devices. This job description is not intended to describe, in detail, the multitude of tasks that may be assigned, but rather to give the employee a general sense of the responsibilities and expectations of his/her position. As the nature of the business demands change, so too may the job duties and responsibilities. - provided by Dice information security engineer
Keywords: Grinnell Mutual Reinsurance Company, West Des Moines , Information Security Engineer, Engineering , West Des Moines, Iowa
Didn't find what you're looking for? Search again!