Published: Aug 28, 2025 - The Information Security Engineer handles cybersecurity incidents by analyzing logs, threat intelligence, and alerts to identify, assess, and remediate risks through root cause analysis and malware investigation. This role collaborates with business units, supports security engineering functions, and improves operational effectiveness by tuning security tools, automating processes, and maintaining incident response documentation. The engineer also develops dashboards, updates response playbooks, and assists with the evaluation and implementation of best practices across security applications and domains.

Tips for Information Security Engineer Skills and Responsibilities on a Resume
1. Information Security Engineer, Arra Finance, Carrollton, TX
Job Summary:
- Monitor security information in a global environment, identifying threats, and taking action on alerts
- Investigate intrusion attempts and perform in-depth analysis of exploits
- Identify opportunities for implementing additional technology controls to create more visibility or defend key points of attack
- Engage with partners in engineering, IT, and operations to respond to and remediate events
- Assess and resolve current and prospective customers’ security and/or compliance requests
- Assist with the development of processes, procedures, and run-books to improve incident response times, analysis of incidents, and overall security operations functions
- Support penetration testing and vulnerability initiatives throughout the organization
- Create incident reporting detailing incident events and lead post-mortem reviews
- Maintain and report key security metrics
Skills on Resume:
- Threat Monitoring (Hard Skills)
- Intrusion Analysis (Hard Skills)
- Technology Controls (Hard Skills)
- Cross-Functional Collaboration (Soft Skills)
- Customer Assessment (Soft Skills)
- Incident Handling (Hard Skills)
- Vulnerability Support (Hard Skills)
- Reporting (Soft Skills)
2. Information Security Engineer, In-Depth Engineering Corporation, Liverpool, NY
Job Summary:
- Assists in the execution of the Information Security Program, Data Governance practices, and Privacy assurance
- Coordinate and team with IT on the security of the network, firewalls, IDS/IPS, and WAF
- Work with various Technology Teams to secure their processes and technologies
- Monitors, tracks, and reports on compliance with security requirements, and works with the responsible parties to drive timely remediation
- Continue to grow a defense-in-depth strategy by integrating various security technologies
- Generates and monitors effective and actionable Information Security reporting across the technical landscape and provides pertinent input to briefing presentations
- Executes as a reliable second line of defense via documented processes, controls, templates, and rigors
- Participates in the global distribution of the enterprise Cyber-Security Operations Security Awareness training and campaigns
- Practices applicable procedures and standards that meet existing and newly developed policy and regulatory requirements (i.e., PCI-DSS, SOX, GDPR, CCPA)
- Keeps abreast of the latest security and privacy legislation, regulations, advisories, alerts, and vulnerabilities about the organization
Skills on Resume:
- Information Security (Hard Skills)
- Network Security (Hard Skills)
- Process Protection (Hard Skills)
- Compliance Tracking (Hard Skills)
- Defense Strategy (Hard Skills)
- Security Reporting (Hard Skills)
- Awareness Training (Soft Skills)
- Regulation Knowledge (Soft Skills)
3. Information Security Engineer, Young Living Essential Oils, Lehi, UT
Job Summary:
- Follow the Patching Life Cycle and Change Management processes and identify, assess, schedule, and communicate patches before applying via the change management systems
- Manage hardware certificates for PKI Certificate Authority by creating, renewing, and loading CSRs based on the features/ functionality for the infrastructure
- Participate in designing and troubleshooting infrastructure including networking, load balancing and capacity planning
- Capable of juggling many tasks and reprioritizing daily, depending upon the constant change of the status of project deliverables and production infrastructure
- Work a swing shift to better align with business hours to participate in critical meetings
- Work with vendors and other LOB partners
- Coordinate with the vendor support teams to ensure issues impacting Wells Fargo are resolved quickly and effectively
- Capable of creating technical/engineering documentation
- Participates in interactions with technical, engineering, and non-technical partners across the Enterprise for technologies listed above
Skills on Resume:
- Patch Management (Hard Skills)
- Certificate Handling (Hard Skills)
- Infrastructure Support (Hard Skills)
- Task Prioritization (Soft Skills)
- Shift Flexibility (Soft Skills)
- Vendor Coordination (Soft Skills)
- Issue Resolution (Soft Skills)
- Tech Documentation (Hard Skills)
4. Information Security Engineer, Vytalize Health, Hoboken, NJ
Job Summary:
- Develop and generate Systems Design Packages, to include conceptual, logical, and physical architecture/designs and resulting artifacts, including documents and drawings, configuration policies and guidelines, testing analyses, test plans, and risk assessments to ensure sound architecture
- Implement, modify, and update InfoSec technologies to ensure optimal performance and security posture following a defined change control process
- Research technological advancements to ensure that Infosec solutions are continuously improved, supported, and aligned with industry and company standards as well as emerging business requirements
- Evaluate complex technology environments and platforms and recommend technical solutions for mitigation and/or remediation of security risks
- Ensure Infosec technologies are designed, implemented and maintained in alignment with InfoSec standards
- Provide qualified guidance on and coordinate the execution of identification, analysis, response and monitoring of cyber threats and vulnerabilities
- Provide qualified guidance on SOC alerting conditions and necessary data sources including network, host, data, integration, and application access security in multiple operating system environments (Windows, Solaris, Linux, etc.)
- Troubleshoots and demonstrates problem-solving skills in the identification of the root causes of business performance and execution issues by using process and data analysis
- Work with detection/prevention systems (IDS/IPS), Identity and Access Management technologies, integrity monitoring, Endpoint Detection and Remediation (EDR) tools, vulnerability management, data loss prevention (DLP), advanced persistent threat (APT), and policy compliance
- Work with technology vendors and IS purchasing in vendor negotiations and selection
Skills on Resume:
- Systems Design (Hard Skills)
- Technology Implementation (Hard Skills)
- Security Research (Hard Skills)
- Risk Mitigation (Hard Skills)
- Threat Guidance (Soft Skills)
- Alert Analysis (Hard Skills)
- Problem Solving (Soft Skills)
- Vendor Selection (Soft Skills)
5. Information Security Engineer, Aretec Inc, Camp Springs, MD
Job Summary:
- Performs security code reviews on various applications from an Information Security point of view and identifies the security vulnerabilities within various related systems
- Review code, design, and interfaces within various related systems from an Information Security point of view
- Issue disposition identified in Fortify FPR, manually review the code
- Identify the security vulnerabilities and prepare and submit the Source Code Review report
- Lead and guide a high-performance team of security engineers focused on driving the success of manual and automated static analysis security testing capabilities within the SCR Team
- Provide the necessary guidance and oversight for establishing/maintaining the effective quality of the reports delivered by the Jr engineers
- Bring in coding practices, standards
- Mentor developers from various teams to better their code in terms of efficiency, security and maintainability
- Relate Organizational security standards to the code and design
- Perform activities like risk analysis, impact analysis, and interface agreements
- Involved in the team process and contribute to its improvement
- Maintains an advanced awareness of bank security policies and government regulations about information security
- Participates in recommending changes to information security policy, standards and procedures for SCR processes/systems/tools
Skills on Resume:
- Code Review (Hard Skills)
- Vulnerability Detection (Hard Skills)
- Report Preparation (Hard Skills)
- Team Leadership (Soft Skills)
- Quality Oversight (Soft Skills)
- Secure Coding (Hard Skills)
- Developer Mentoring (Soft Skills)
- Policy Compliance (Soft Skills)
6. Information Security Engineer, Pattern Energy Group LP, Houston, TX
Job Summary:
- Designs, implements and maintains information security processes and procedures to protect company information assets
- Works on a team within the Technology organization, focusing on security programs, processes and initiatives while collaborating with other organization units within the company
- Provides risk analysis to help minimize risks associated with key mission-critical applications and infrastructure components
- Provides tactical incident responses, including forensics, in addition to performing services like vulnerability assessments and FW/IPS/IDS analysis
- Maintains security by monitoring and ensuring compliance with standards, policies and procedures
- Manages and monitors regular activities, logs and events from various security solutions including Anti-Virus, IPS/IDS, SIEM, and other network hardware
- Monitors threat landscape for emerging threats
- Communicates threat information to management
- Provides management and maintenance of critical security hardware and software including Firewalls, IPS/IDS, Anti-Virus, Endpoint protection, ID Management and web filtering
- Provides security consulting and policies in areas of user provisioning and maintenance, access control, group policy designs and server/network hardening
- Provides vulnerability and patch management
- Leads strategic technology and security initiatives to build and maintain key elements of the company’s security infrastructure
- Designs, manages and maintains tools to automate processes
Skills on Resume:
- Security Processes (Hard Skills)
- Risk Analysis (Hard Skills)
- Incident Response (Hard Skills)
- Threat Monitoring (Hard Skills)
- Policy Compliance (Soft Skills)
- Security Consulting (Soft Skills)
- Patch Management (Hard Skills)
- Process Automation (Hard Skills)
7. Information Security Engineer, Deseret Mutual Benefit Administrators, Salt Lake City, UT
Job Summary:
- Daily review of system access requests, firewall changes, external vulnerability detection and remediation
- Provide support and operations of vulnerability management, secure coding best practices, static code analysis, dynamic code analysis, threat modeling, and their integration into the release management process, including automation functionality
- Third-party vendor security reviews and ensuring they adhere to security standards
- Maintains and develops security requirements by evaluating business strategies and needs
- Researching information security standards
- Conducting system security and vulnerability analyses along with risk assessments
- Studying architecture/platform, identifying integration issues and preparing cost estimates
- Verifies the security of applications and infrastructure by developing and maintaining various security testing methodologies, which include vulnerability scanning, internal penetration testing, secure code analysis, and manual review
- Helps maintain security by monitoring and ensuring compliance with standards, policies, and procedures
- Developing and conducting training programs
Skills on Resume:
- Access Review (Hard Skills)
- Vulnerability Ops (Hard Skills)
- Vendor Security (Soft Skills)
- Security Strategy (Soft Skills)
- Risk Assessment (Hard Skills)
- Security Testing (Hard Skills)
- Policy Compliance (Soft Skills)
- Security Training (Soft Skills)
8. Information Security Engineer, Utica National Insurance Group, Charlotte, NC
Job Summary:
- Performs detailed risk assessments of key business initiatives and vendors
- Identifies security gaps and communicates requirements
- Evaluates and recommends enhancements and performs gap analysis
- Helps coordinate and execute information security projects as defined and prioritized in the overall information assurance strategy
- Evaluates the security posture of the company's technology as well as any related data assets to ensure internal security controls are appropriate and operating as intended
- Stays well-informed and current on the latest information security technologies, methodologies, and events
- Identifies external resources such as vendors, products, or services that may assist in meeting information assurance objectives or promote lower security costs
- Evaluates and delivers recommendations about the procurement of security-related technology including software, hardware, and services
- Evaluates and delivers feedback on the potential security aspects or impact of non-security related technology including software, hardware, and services
- Liaisons with external information security vendors and service providers
Skills on Resume:
- Risk Assessment (Hard Skills)
- Gap Analysis (Hard Skills)
- Project Execution (Soft Skills)
- Security Evaluation (Hard Skills)
- Tech Awareness (Soft Skills)
- Vendor Research (Soft Skills)
- Procurement Advice (Soft Skills)
- External Liaison (Soft Skills)
9. Specialist, Information Security Systems Engineer, L3Harris Technologies, Salt Lake City, UT
Job Summary:
- Design, implement, manage, and administer the technical information security (IS) solutions for the assigned corporate infrastructure, network, systems, applications, tools, and scripts
- Participate in the IT change management review process to ensure adherence to Information Security requirements
- Perform hands-on technical vulnerability testing of the company’s technology, infrastructure, network, systems and applications, and work with IT to assist in resolutions
- Research and conduct projects for new Information Security technical initiatives
- Ensure compliance with customer cybersecurity requirements
- Monitor cybersecurity requirements for local and wide area network and associated network devices, operating systems and other associated applications
- Document and coordinate product security policies and procedures with the corporate cybersecurity function
- Perform security assessment of applications and systems using various scanning tools
- Assist with risk analysis and NIST control selection
- Coordinate with customers on cybersecurity-related issues
- Investigate security alerts to determine applicability to the product environment
Skills on Resume:
- IS Solutions (Hard Skills)
- Change Review (Soft Skills)
- Vulnerability Testing (Hard Skills)
- Security Projects (Soft Skills)
- Compliance Monitoring (Hard Skills)
- Policy Documentation (Soft Skills)
- Security Assessment (Hard Skills)
- Risk Coordination (Soft Skills)
10. Information Security Engineer, Alianza, Inc., Pleasant Grove, UT
Job Summary:
- Lead security initiatives of the highest complexity and visibility levels
- Work directly with project teams to install, configure, maintain and troubleshoot systems/procedures to solve complex problems, balancing business needs against potential risks
- Ensures the safety of information system assets, protecting them from intentional, inadvertent access, modification or destruction
- Provide vision and strategy and lead a team of security professionals in developing, enhancing, and communicating information security policies, standards and procedures
- Directly work with project teams, business units and subsidiaries to remediate/identify current and future risks, and create/communicate preventative methodologies
- Recommend and implement changes to existing security policies and control standards to stay abreast of the threat landscape
- Develop, maintain and enforce corporate information security policies, standards and guidelines encompassing data and intellectual property security
- Formally and informally respond to customer and regulatory requests about information security services, mechanisms and safeguards
- Regular communications with regulatory, privacy and legal stakeholders and active participation in internal and external audit activities
- Build rapport, credibility and cohesion across all business, operational and technology teams
Skills on Resume:
- Security Leadership (Soft Skills)
- Risk Management (Hard Skills)
- Asset Protection (Hard Skills)
- Policy Strategy (Soft Skills)
- Risk Communication (Soft Skills)
- Control Updates (Hard Skills)
- Audit Support (Soft Skills)
- Team Collaboration (Soft Skills)
11. Information Security Engineer, Zachary Piper Solutions, LLC, Columbia, MD
Job Summary:
- Maintain strong knowledge and understanding of business needs, evidenced by the ability to establish and maintain a high level of trust and confidence
- Support the development of the Information Security strategy by forming relationships with businesses and technology areas to understand their associated risks and issues to influence security decision-making
- Actively champion and contribute to the continuous improvement of the Information Security Management (ISM) area
- Apply best practices using innovative ideas to increase awareness and effectiveness of the Security Management organization
- Proactively identify opportunities to expand and enhance knowledge of the ISM area
- Act as an SME for security issues
- Represent the organization in industry and standards groups related to security
- Collaborate with stakeholders to determine the current and future level of enterprise investment to sustain compliant and robust security standards
- Measure impact through budget management and forecasting
- Track, analyze and leverage control and release management vulnerability data
Skills on Resume:
- Business Insight (Soft Skills)
- Strategy Support (Soft Skills)
- ISM Improvement (Soft Skills)
- Best Practices (Hard Skills)
- Knowledge Growth (Soft Skills)
- Security Expertise (Hard Skills)
- Stakeholder Alignment (Soft Skills)
- Data Analysis (Hard Skills)
12. Information Security Engineer, Mayo Clinic, Rochester, MN
Job Summary:
- Finding and building methods to detect malicious activity
- Creating and customizing tooling to support security analysis
- Finding out how stuff actually works under the hood
- Provide technical guidance and help system administrators, network engineers and software developers to protect and secure applications as well as intellectual property
- Create and implement system hardening guidelines
- Implement, maintain and operate technical security controls like firewalls, IDS/IPS, DDoS protection and EDR
- Perform risk analysis to identify any security issues that could lead to lost or stolen data
- Monitor current security alerts to patch software such as operating systems, with the latest versions
- Identify security breaches and take action to stop them and prevent them in the future
- Implement the right software and hardware into current and future network environments
- Working in an international team and environment
Skills on Resume:
- Threat Detection (Hard Skills)
- Tool Development (Hard Skills)
- System Analysis (Hard Skills)
- Technical Guidance (Soft Skills)
- System Hardening (Hard Skills)
- Control Operation (Hard Skills)
- Breach Response (Hard Skills)
- Global Collaboration (Soft Skills)
13. Information Security Engineer, Cyber Advisors, Maple Grove, MN
Job Summary:
- Provides subject matter expertise when applying cybersecurity concepts and technologies
- Provides cybersecurity engineering expertise and support to improve existing information technology systems
- Work with Information Technology and Cybersecurity to develop and institute a secure system/network
- Work with Information Technology in the maturation, implementation, and configuration of endpoint security controls, including antivirus, whitelisting, patch management and encryption technologies
- Develop and help Information Technology implement platform and network security controls
- Ensure optimal configuration standards are met on existing infrastructure
- Monitor daily for cybersecurity events on DLC's network, and report findings to the Cybersecurity Operations Manager
- Review endpoints to confirm compliance with endpoint security policies, procedures, and standards
- Ensure a successful vulnerability scanning and patch management process
- Test the compatibility of endpoint security controls with new configurations or new endpoint operating systems
- Coordinate the workflow of a given team
- Support the review of work and training of other employees
Skills on Resume:
- Cyber Expertise (Hard Skills)
- Security Engineering (Hard Skills)
- Secure Systems (Hard Skills)
- Endpoint Controls (Hard Skills)
- Platform Security (Hard Skills)
- Event Monitoring (Hard Skills)
- Team Coordination (Soft Skills)
- Staff Training (Soft Skills)
14. Information Security Engineer, SmallSecureTech, Boise, ID
Job Summary:
- Participate in the Security Incident Response Team (SIRT)
- Help SIRT to employ strategy, standards, processes and technology to detect, respond and recover from security incidents
- Limit the impact of any such occurrence or recurrence by using risk-based triage
- Serve as a security resource in network or application design, operating systems, endpoint protection, mobile devices, and foundational InfoSec technical controls
- Maintain and roadmap InfoSec-hosted systems (e.g., SIEM, DLIP) and drive continuous improvement
- Participate in the Global InfoSec Risk Management Program
- Work with other functional area analysts and project teams, ensuring InfoSec policies/standards are part of designs to mitigate identified risks sufficiently, while meeting business objectives and regulatory requirements
- Develop process improvements and manage Key Performance Indicators
- Ensure that business and technical requirements are aligned with policy and are implemented within regulatory and contractual compliance
- Advocate for cyber risk mitigation during planning sessions and implementation of new services
- Maintain awareness of all aspects of information security and compliance, including PCI, SOX, and HIPAA requirements for information systems and industry best practices, such as NIST 800-53, ISO 27001, COBIT, NIST 800-171, etc.
- Contribute to forensic investigations/analysis, including collaboration with governmental agencies
Skills on Resume:
- Incident Response (Hard Skills)
- Risk Triage (Hard Skills)
- Security Consulting (Soft Skills)
- System Maintenance (Hard Skills)
- Policy Integration (Soft Skills)
- Process Metrics (Hard Skills)
- Compliance Alignment (Hard Skills)
- Forensic Support (Hard Skills)
15. Information Security Engineer, SafeNetWorks, Reno, NV
Job Summary:
- Operate as a member of the RIS Security Team, focused primarily on the DevSecOps team to execute upon information security-related strategies
- Provide research and analysis related to application vulnerability resolution
- Participate in pair programming and/or be able to handle complex tasks with limited direction or guidance
- Lead and identify complex tasks with limited direction or guidance
- Learn or bolstering existing information security knowledge is expected
- Participate and collaborate in various forums (like daily huddle and architecture risk assessments), identifying concerns (risks) and/or insights
- Perform research gathering, collaboration, and or support efforts for security events/incidents
- Drive forward existing cloud security stack and security automation stack, including maintenance of existing environment, developing new solution architectures, and implementing them to improve capabilities
- Consult and advise engineering teams to influence secure design, deployment, and maintenance of cloud-based non-security applications and workloads
- Define and implement secure standards for relevant security services
- Review, assess and document current architectures
- Design and develop security architectures for custom applications
- Represents the security platform in the development and implementation of the overall global cloud architecture
Skills on Resume:
- DevSecOps Support (Hard Skills)
- Vulnerability Analysis (Hard Skills)
- Secure Coding (Hard Skills)
- Security Research (Hard Skills)
- Cloud Security (Hard Skills)
- Architecture Design (Hard Skills)
- Security Consulting (Soft Skills)
- Standards Definition (Hard Skills)
16. Information Security Engineer, CyberForge Solutions, Eugene, OR
Job Summary:
- Participates in the research, analysis, design, testing and implementation of complex computer network security/protection technologies for company information and network systems/applications
- Design, implement, maintain, and optimize robust, scalable, highly automated, and secure technical solutions in support of the network security infrastructure
- Work as a member of a geographically diverse team of experts to integrate large-scale network security solutions utilizing numerous advanced technologies across a global enterprise environment
- Analyze and assess centralized authentication systems and identify gaps leading to potential improvements
- Create scripts, employ tools, develop automation techniques, and pursue ideas to increase the manageability, efficiency, compliance, capability, capacity, and security of devices
- Design efficient, repeatable and measurable human processes for employing network security technologies and distributed management systems
- Provide subject matter expertise in the areas of AAA, TACACS, RADIUS, and 802.1x Network Access Control (NAC)
- Create comprehensive engineering documentation including functional requirements, design proposals, network diagrams, workflow diagrams, application communications diagrams, configuration documents, support documentation, training materials, and project documents
- Manage and maintain network security systems throughout the technology life-cycle
- Provide technical guidance to less experienced staff
Skills on Resume:
- Network Security (Hard Skills)
- Solution Design (Hard Skills)
- Global Integration (Soft Skills)
- Auth Systems (Hard Skills)
- Security Automation (Hard Skills)
- Process Design (Soft Skills)
- Access Control (Hard Skills)
- Tech Mentoring (Soft Skills)
17. Information Security Engineer, ShieldGuard LLC, Madison, WI
Job Summary:
- Perform routine risk assessments, security audits, and vulnerability scans to identify, evaluate, document and remediate organizational risk, control gaps and vulnerabilities
- Responsible for developing security reports, security recommendations, and security policies and procedures that are meaningful, defensible, and actionable for a variety of audiences as pertained to assigned business units
- Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts for items
- Participate and be an integral component of audit, compliance, and regulatory functions
- Audits of system security to ensure compliance with the Corporate security framework
- Participate in a vulnerability management program
- External and internal vulnerability scans of applications and systems
- Document and remediate identified vulnerabilities and exploits
- Routinely monitoring various communication avenues for security vulnerabilities and security patches
- Taking a risk-based approach to compare those security vulnerabilities and security patches across the operating environments
- Making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities
- Coordinate with business units, operations, and technology teams for incident response, remediation, and improvement
- Acts as the initial point of contact to facilitate the handling of security incidents and requests
- Conducts technical investigations resulting in successful root cause analysis of intrusions, and makes real-time decisions about incidents as they occur
- Supports the creation of business continuity/disaster recovery plans, to include conducting disaster recovery tests, publishing test results, and making changes necessary to address deficiencies
- Maintain documentation that supports the annual Security compliance attestation as it is relevant to the assigned Business units
Skills on Resume:
- Risk Assessment (Hard Skills)
- Security Documentation (Soft Skills)
- Log Analysis (Hard Skills)
- Audit Support (Soft Skills)
- Vulnerability Scanning (Hard Skills)
- Patch Management (Hard Skills)
- Incident Response (Soft Skills)
- Recovery Planning (Soft Skills)
18. Information Security Engineer, NetSafe Innovations, Charleston, SC
Job Summary:
- Provide senior-level technical support of mainframe security in a large, complex Multi-LPAR RACF environment utilizing RRSF (RACF Remote Sharing Facility), zSecure, RACF/DB2 and CICS
- Work with internal and end-user personnel to define customized access solutions, reporting, notification, and data gathering
- Occasional after-hours support for implementations
- Participates in the research, analysis, design, testing and implementation of complex computer security/protection technologies for company information and systems/applications
- Performs periodic detailed assessments of the operating system and infrastructure components' security configuration
- Identify security vulnerabilities and provide remediation alternatives
- Participates in the evaluation of vendor proposals, new and existing security designs, and emerging security technologies and systems
- An alternative role may include leveraging existing zSeries skills to work on mainframe security remediation projects
- Using a Wells Fargo methodology, leads or assists senior engineers in researching, analyzing, designing, testing and implementing security solutions
- Leads or assists senior-level engineers with analysis
- Identify security vulnerabilities and conduct security risk assessments to ensure compliance with corporate security policies and adherence to best practices
- Assists in computer security incident response activities and technical investigations of security-related incidents
- Provide technical guidance to less experienced staff
Skills on Resume:
- Mainframe Security (Hard Skills)
- Access Solutions (Soft Skills)
- System Assessment (Hard Skills)
- Vulnerability Remediation (Hard Skills)
- Security Evaluation (Hard Skills)
- Incident Response (Soft Skills)
- Risk Assessment (Hard Skills)
- Staff Mentoring (Soft Skills)
19. Information Security Engineer, InfraLock Security, Des Moines, IA
Job Summary:
- Develop, implement, and maintain security assessment processes and tools to review security controls for mission-critical engineering and ERP applications (SAP and Team Center PLM)
- Provide security architectural leadership to ERP and engineering applications' cybersecurity programs
- Conduct a security assessment and implement remedial measures on SAP Systems in close alignment with the application teams
- Conduct a security assessment on internal applications/infrastructure and deliver reports detailing assessment observations and associated recommendations for information security program development to help the client meet security and compliance standards
- Align standards, frameworks and security with the overall business and technology strategy
- Identify security design gaps in existing and proposed architectures and recommend changes or enhancements
- Review the design of new and existing functionality for security vulnerabilities and suggest best practices and improvements
- Triage results of penetration tests, security scans, and educate development teams on the reported issues, and recommend approaches to resolve or mitigate the issues
- Ability to take a broad view of the position and take initiative to communicate, interact, and cooperate with others to ensure that all aspects of a security concern are addressed
- Perform technical research into advanced, targeted attacks, crimeware campaigns, malware and other emerging technologies and techniques to identify and report on cyber-attacks and attackers
- Perform proactive research to identify, categorize and produce reports on new and existing threats
- Continuously and proactively assesses the ERP and engineering applications for cybersecurity weaknesses, and prioritizes plans to enhance security controls
- Develop, monitor, and manage cybersecurity performance and hygiene metrics related to the ERP and engineering applications
Skills on Resume:
- Security Assessment (Hard Skills)
- ERP Leadership (Hard Skills)
- Vulnerability Reporting (Hard Skills)
- Architecture Review (Hard Skills)
- Gap Analysis (Hard Skills)
- Team Education (Soft Skills)
- Threat Research (Hard Skills)
- Security Metrics (Hard Skills)
20. Information Security Engineer, DataDefender Inc, Fargo, ND
Job Summary:
- Work with key stakeholders across the company to define, design and implement effective security controls and remediate vulnerabilities
- Improve security posture and reduce risk to acceptable levels
- Conduct assessments of threats and vulnerabilities and determine deviations from acceptable security baselines
- Manage security technology processes and solutions, sometimes through 3rd parties, including endpoint protection, vulnerability management, and SIEM
- Review security events for context, appropriateness, and criticality and be an incident responder
- Create security operations playbooks to ensure a consistent approach and response to current and emerging threats
- Assist with analysis and process improvement of identified security issues, taking the initiative to create solutions
- Support and assist in compliance efforts by implementing and maintaining security controls and processes
- Help drive security awareness
- Stay current with industry trends
Skills on Resume:
- Control Design (Hard Skills)
- Risk Reduction (Soft Skills)
- Threat Assessment (Hard Skills)
- Tech Management (Hard Skills)
- Incident Response (Hard Skills)
- Playbook Creation (Hard Skills)
- Process Improvement (Soft Skills)
- Security Awareness (Soft Skills)
21. Information Security Engineer, SecureWave Technologies, Santa Fe, NM
Job Summary:
- Analyze IT systems to assess security risks in existing systems like O365, AWS, etc.
- Design and implement safety measures and data recovery plans with the help of the Axiata group
- Secure networks through firewalls, password protection and other systems
- Inspect hardware for vulnerable points of access and harden the system
- Monitor network activity to identify issues early and communicate them to the IT Director
- Act on privacy breaches and malware threats
- Serve as a security expert and conduct training
- Draft custom policies and guidelines
- Monitoring the compliance list with regulatory
- Implement, maintain and review the NIST cybersecurity framework
- Involved in NIST, CyberSecurity and other internal security Audits
- Managing and monitoring all installed systems and infrastructure
- Installing, configuring, testing and maintaining operating systems, application software and system management tools
- Write and maintain custom scripts to increase system efficiency and lower the human intervention time on any tasks
- Participate in the design of information and operational support systems
- Provide 1st and 2nd level support
- Liaise with vendors and other IT personnel for problem resolution, who will be part of a global team responsible for implementation
- Work with inter-departmental teams to understand the systems and guide/implement security features
Skills on Resume:
- Risk Analysis (Hard Skills)
- System Hardening (Hard Skills)
- Network Security (Hard Skills)
- Threat Response (Hard Skills)
- Policy Drafting (Soft Skills)
- Compliance Monitoring (Hard Skills)
- Script Automation (Hard Skills)
- Team Collaboration (Soft Skills)
22. Information Security Engineer, TrustGrid Consult, Boise, ID
Job Summary:
- Help drive detection and response strategy across the Venmo enterprise
- Ensure the team has proper visibility into logging sources
- Respond to incidents both as an incident commander and contributor
- Document and automate incident response playbooks
- Partner with other engineering and operations teams to understand requirements for tooling and integrations
- Develop tools or software and deploy infrastructure to enable new detection capabilities and automated response
- Research emerging attack vectors and techniques
- Work with other engineering teams to enable detections within their platforms and products
- Mentor junior members of the team and act as a subject matter expert
- Conceptualize, design, procure, and/or build secure information technology systems, with responsibility for aspects of system and/or network development
- Provide the support, administration, and maintenance necessary to ensure effective and efficient information technology system performance and security
- Identify, analyze, and mitigate threats to internal information technology systems and/or networks
- Perform highly specialized review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence
- Provide specialized denial and deception operations and collection of cybersecurity information that may be used to develop intelligence
- Investigate cybersecurity events or crimes related to information technology (IT) systems, networks, and digital evidence
Skills on Resume:
- Detection Strategy (Hard Skills)
- Incident Response (Hard Skills)
- Tool Development (Hard Skills)
- Threat Research (Hard Skills)
- Platform Integration (Hard Skills)
- Team Mentoring (Soft Skills)
- System Security (Hard Skills)
- Cyber Investigation (Hard Skills)
23. Information Security Engineer, QuickSecure Solutions, Little Rock, AR
Job Summary:
- Configure, deploy and manage Web Application Firewall (WAF) and Bot mitigation solutions, as well as integration of those platforms with other solutions as the need arises
- Own processes for continuously fine-tuning security rules and processes for efficient detection and mitigation
- Provide hands-on engineering support for WAF, Bot-mitigation and other security solutions
- Utilize Elasticsearch/Kibana to build observability into risk events, triggering alerts
- Securing Customer Security accounts from various Security and fraud-related attack vectors
- Develop and maintain security utilities and metrics dashboards that help the team track/report on compliance and potential improvements
- Develops scalable security management tools and processes
- Collaborate with peer InfoSec teams in security incident investigations, and drive the security charter across the organization
- Review security findings/violations reports and coordinate remediation efforts
- Build automated test suites for common application (OWASP10) vulnerabilities
Skills on Resume:
- WAF Management (Hard Skills)
- Rule Tuning (Hard Skills)
- Engineering Support (Hard Skills)
- Event Monitoring (Hard Skills)
- Account Protection (Hard Skills)
- Dashboard Metrics (Hard Skills)
- Tool Development (Hard Skills)
- Security Collaboration (Soft Skills)
24. Information Security Engineer, GuardianCyber, Anchorage, AK
Job Summary:
- Serve as the functional subject matter expert for the Palo Alto Networks firewall
- Making critical decisions on enterprise security policies
- Utilizing the security monitoring tools to support audits (Ex, AlgoSec, Firemon)
- Reporting and reviewing the compliance status and taking remediation actions
- Determine the severity and complexity of issues about the security and protection of systems data, (autonomously or as part of a team)
- Ensure the protection, conservation and accountability of proprietary, personal, or privileged electronic data
- Collaborate with the director, managers, and other technical personnel to ensure the mitigation of security risks for the company
- Evaluates and develops secure solutions, based on approved security architectures and standards
- Promote continued integration of technological advances to further enhance security and reduce risks
- Consults on various projects regarding secure design standards and security information management
- Develop and direct the implementation of security standards and best practices for the organization
- Evaluates analysis of suggested solutions and innovative approaches to complex issues, as well as complex conceptual analysis, ensuring implementation
- Plans, conducts, and responds to internal and external cybersecurity audits and questionnaires
- Interprets and documents audit results
- Recommends and implements corrective actions
- Participate with cyber security analysts and architects, providing guidance and expertise in incident/issue response and resolution methodology
- Defines, implements, audits, and maintains firewall security policies
- Promote the development of innovative approaches and solutions to complex problems and issues
- Works on highly complex projects and tasks that require in-depth knowledge of one or more specialized architecture areas such as security, applications, information, solution and business
- Serve in a supervisory capacity, provide lead direction, ensuring the formulation and implementation of procedures and systems
Skills on Resume:
- Firewall Expertise (Hard Skills)
- Policy Decision (Hard Skills)
- Audit Support (Soft Skills)
- Compliance Actions (Hard Skills)
- Data Protection (Hard Skills)
- Risk Mitigation (Soft Skills)
- Secure Design (Hard Skills)
- Project Leadership (Soft Skills)
25. Information Security Engineer, CyberHarbor LLC, Portland, ME
Job Summary:
- Working as team lead for SAML and OAuth Implementation
- Working as a team lead to determine Entitlement solutions (familiarity with Oracle Entitlement Server)
- Determining operational feasibility by evaluating, analyzing, problem definition, requirements, solution development, and proposing solutions
- General support of security systems and applications to maintain the availability standard and protect from any outage, performance degradation and vulnerabilities
- Assisting in the Implementation of application patches and upgrades
- Developing quality deliverables including configuration, unit testing, and support documentation
- Reviewing documentation, processes or procedures, and recommending where automation or improvements can be implemented
- Provides comprehensive, in-depth consulting and leadership to the team and partners
- Provide guidance and oversight in assessing security infrastructure and network and systems design to ensure system/network security
- Identify security risks, threats, and vulnerabilities of networks, systems, applications and new technology initiatives
- Provide oversight in the development, testing and operation of firewalls, intrusion detection systems, enterprise anti-virus systems and software deployment tools
- Develop policies and procedures for securing the system infrastructure and applications
- Develop complex technical and programmatic assessments, evaluate engineering and integration initiatives and provide technical support to assess security policies, standards and guidelines
- Perform product evaluations, recommend and implement products/services for network security
- Interact with clients and provide recommendations on information assurance engineering standards, implementation dependencies and changing information assurance-related technologies
Skills on Resume:
- SAML Implementation (Hard Skills)
- OAuth Configuration (Hard Skills)
- Entitlement Management (Hard Skills)
- Security Consulting (Soft Skills)
- Risk Assessment (Hard Skills)
- Patch Deployment (Hard Skills)
- System Automation (Hard Skills)
- Team Leadership (Soft Skills)
26. Information Security Engineer, TekShield, Helena, MT
Job Summary:
- Conducts and evaluates all-source analytic production of network operations technologies and cyber warfare tactics and techniques
- Procedures to assess computer network defense and information assurance in support of customer organizations
- Projects the discovery, development, and deployment of advanced technologies and their potential impact on forces worldwide
- Performs risk assessments based on network events to determine operational impact and conduct all-source research and analysis to identify, exploit, and assess potential threats and vulnerabilities to operations
- Prepares products to describe and document findings and activities
- Assess computer network defense and information assurance in support of customer organizations
- Provide certified and experienced vulnerability assessment analysts to conduct off-site system vulnerability, network architecture, policy and procedure, application, and system integrity reviews
- Assist with the development and maintenance of red team detachment assessment methods, tools, and techniques
- Perform activities, administration and management duties to maintain system and data confidentiality, integrity, and availability
- Identify risk factors and mitigation technologies, procedures, and processes
- Monitor, evaluate, recommend and maintain secure system configurations
Skills on Resume:
- Cyber Intelligence (Hard Skills)
- Risk Assessment (Hard Skills)
- Threat Analysis (Hard Skills)
- Vulnerability Review (Hard Skills)
- Red Teaming (Hard Skills)
- System Hardening (Hard Skills)
- Network Defense (Hard Skills)
- Security Monitoring (Hard Skills)
27. Information Security Engineer, ByteGuard, Bismarck, ND
Job Summary:
- Maintain risk management across the enterprise environment
- Configure and maintain the SIEM and other Endpoint security tools to ensure they are operating effectively
- Maintain and ensure the Email Security threat protection solution is operating effectively
- Support the Cyber Incident Response Team (CIRT) and assist with process automation to maintain security controls
- Verify the accuracy of SIEM alerts and ensure that proper security controls are in place
- Monitor logs and troubleshoot technical issues with various Endpoint security tools
- Serve as a technical mentor on the team for more junior analysts
- Ensure security and quality of a wide range of services and products
- Conduct regular security assessments, code inspection, design review and penetration testing on new and existing products to proactively find potential vulnerabilities
- Security consulting for the implementation and enforcement of secure design principles according to policies, standards and security guidelines for web and mobile applications
- Provide security expertise and guidance to engineering and business teams
- Build security tools and monitoring that enable the security team to scale
- Work with software engineers to analyze security vulnerabilities and follow through with issues until resolution
Skills on Resume:
- Risk Management (Hard Skills)
- SIEM Configuration (Hard Skills)
- Email Protection (Hard Skills)
- Incident Response (Hard Skills)
- Log Monitoring (Hard Skills)
- Security Assessment (Hard Skills)
- Penetration Testing (Hard Skills)
- Security Consulting (Soft Skills)
28. Information Security Engineer, SecureSphere, Jackson, MS
Job Summary:
- Collaborate in the development of security plans and policies
- Develop information security requirements
- Continuous investigation for security breaches and for the implementation of security enhancements
- Systems monitoring and auditing security logs, especially on system logs and access logs
- Implement protections, OS Windows and Linux patches installation, software installation, firewall configuration
- Implement security controls and secure configuration of networking switches
- Install and configure antivirus software
- Perform periodic scans of the network for vulnerability discovery, penetration testing to highlight system weaknesses
- Recovery policy establishment and backup/recovery system design and implementation
Skills on Resume:
- Security Planning (Hard Skills)
- Policy Development (Hard Skills)
- Threat Detection (Hard Skills)
- Log Auditing (Hard Skills)
- Patch Management (Hard Skills)
- Firewall Configuration (Hard Skills)
- Penetration Testing (Hard Skills)
- Backup Recovery (Hard Skills)
29. Information Security Engineer, NetFence Tech, Fargo, ND
Job Summary:
- Lead the InfoSec (IS) operations, performing prevention, detection, response, and remediation activities globally for a large-scale internet corporation
- Develop security and compliance-related documentation, policies and procedures that align with industry standards, audits, and best practices
- Enterprise IT Security, Protection and processes regarding all non-product related assets and systems
- Establishes, documents, implements and monitors the Information System (IS) Security
- Establish and maintain System Security Plans (SSP) and related procedures for the facility
- Responsible for ensuring vital security events are logged and stored
- Authors and maintains documentation supporting the Assessment and Authorization (A&A) of assigned systems in accordance with the Risk Management Framework (RMF)
- Performs security control assessments as part of the Continuous Monitoring Plan
- Oversees configuration management of assigned systems and validates that audits are performed by the ISSO to ensure the security posture integrity
- Plan, build, and deploy an InfoSec roadmap and define the future of the department
- Create and manage an internal horizontal team to support vision and maintain alignment of key objectives across the organization
- Prospective and existing due diligence, audit management, customer questionnaire response services, access and change management, and ongoing employee security training
- Develop threat modeling and integrate into defense operations, information security (IS) architecture and engineering
- Conducts periodic hardware and software inventory assessments
- Identifies system security control shortcomings and serves as the lead for remediating deficiencies
- Cloud and infrastructure security, application security, control automation through CI/CD integration, alerts and monitoring, etc.
Skills on Resume:
- InfoSec Leadership (Soft Skills)
- Policy Development (Hard Skills)
- Security Compliance (Hard Skills)
- Risk Management (Hard Skills)
- Control Assessment (Hard Skills)
- Threat Modeling (Hard Skills)
- Audit Management (Hard Skills)
- Cloud Security (Hard Skills)
30. Information Security Engineer, CyberHaven, Boise, ID
Job Summary:
- Collaborating with stakeholders to confirm and identify all requirements for engineering services
- Designing and building proof-of-concept enhancement(s)/solution(s) in the appropriate security platform
- Implement enhancement(s)/solution(s) into the production security solution(s)
- Creating, updating, and maintaining standardized documentation for ongoing maintenance and support
- Coordinating any Change Management, Release, and/or other Go-Live activities
- Assess and troubleshoot security system or service errors that have been escalated from initial triage teams
- Support Incident Response activities
- Contribute to the research, selection, and implementation of alternative security technology solutions to reduce costs, improve performance, and/or meet updated requirements
- Participate in, or conduct, security training for personal and cross-functional team development
- Responsible for the implementation and administration of endpoint and network security appliances, hardware and software, enforcing the TaskUs security policies and complying with requirements of external security audits and recommendations
- Maintain, configure, and analyze network and host-based security platforms
- Analyze, troubleshoot, and investigate security-related information systems anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts
- Evaluate systems using vulnerability scanners and manual techniques to verify system security settings and configurations
- Provide reporting from network and host-based security solutions
- Provide Incident Response support in response to information security-related events
- Participate in DRP exercises and continuous improvement processes
- Maintain and update relevant system and process documentation and develop ad-hoc reports
- Assist in the development of security tool requirements, trials, and evaluations, as well as security operations procedures and processes
Skills on Resume:
- Security Engineering (Hard Skills)
- Solution Design (Hard Skills)
- Change Management (Hard Skills)
- Incident Response (Hard Skills)
- Vulnerability Assessment (Hard Skills)
- Security Troubleshooting (Hard Skills)
- Platform Maintenance (Hard Skills)
- Security Training (Soft Skills)
31. Information Security Engineer, ShieldTech Systems, Roanoke, VA
Job Summary:
- Configuration, management, and operations of core applications within the Platform and Security Services organization (e.g., ServiceNow, Tenable, BigFix, Splunk, etc)
- Conduct vulnerability scans at all levels on both internal and external systems within the enterprise
- Assess vulnerabilities identified through scans by evaluating/performing risk assessments, prioritizing vulnerabilities discovered and driving remediation campaigns/enforcement, working with various teams
- Provide vulnerability remediation/patching support to asset owners and work with asset owners on the closure of the vulnerability per the fix directions
- Maintain knowledge of the threat landscape, provide vulnerability assessment/analysis, and produce reports for management
- Collaborate and interact in a dynamic environment with multiple global teams to solve security problems
- Document policies, standards and processes related to Vulnerability Management, and keep them current
- Review and assist in identifying owners of assets that are unregistered/unclassified, ensuring good data quality
- Improve existing processes and solutions through automation, upgrades, and integration with various systems, tools, data sources for applications within the organization
- Troubleshoot complex issues across domains, networks, databases, operating systems, ETL, applications, and reporting
- Support an Agile and DevOps approach to platform management and maintenance, including support for deployment and management automation, version controls, and related continuous integration, delivery, and management processes
- Work closely with software development engineers, systems engineers, network engineers, database administrators, the monitoring team, and information security teams in supporting new features, services, and releases
- Proactively discover security problems before users notice
- Achieve optimal application performance, stability, and availability
- Determine optimal configurations for application software and application servers and scale infrastructure to meet demand
Skills on Resume:
- Vulnerability Scanning (Hard Skills)
- Risk Assessment (Hard Skills)
- Patch Management (Hard Skills)
- Threat Analysis (Hard Skills)
- Process Automation (Hard Skills)
- Issue Troubleshooting (Hard Skills)
- DevOps Support (Hard Skills)
- Team Collaboration (Soft Skills)
32. Information Security Engineer, SafeHarbor Cyber, Providence, RI
Job Summary:
- Ensuring security events are processed and dealt with by the teams responsible
- Automating system security configuration
- Optimizing alerting and reporting on the security state of the systems
- Coordinating with teams responsible for applications and infrastructure
- Assisting the fraud detection team with analysis and information gathering
- Investigating events in-depth if the situation requires it
- Maintaining contact with external parties for security issues
- Collecting information on data breaches and determining the impact on internal users and external customers
- Configure and implement multiple sources and tools (e.g., SIEMs, EDR, UBA, PAM, IAM, MFA, DLP, etc.)
- Analyze and resolve issues in configurations of various Security Tools
- Participate in the testing and operation of multiple information security systems and tools
- Develop, communicate and implement technical security standards for different platforms
- Maintain technical security requirements for regulatory bodies such as PCI, SOX, and ISO standards
- Implement and maintain security hardening best practices and guidelines
- Maintain and assess security controls around network communications
- Provide detailed remediation guidance to other business organizational units
- Work in tandem with architects, the security operations center (SOC), incident responders, and technology infrastructure and development team members
Skills on Resume:
- Security Automation (Hard Skills)
- Alert Optimization (Hard Skills)
- Tool Configuration (Hard Skills)
- Event Investigation (Hard Skills)
- Fraud Analysis (Hard Skills)
- Standards Compliance (Hard Skills)
- Remediation Guidance (Soft Skills)
- Team Coordination (Soft Skills)
33. Information Security Engineer, LockWave Security, Savannah, GA
Job Summary:
- Work with the IT Security team to develop and manage a state-of-the-art information security infrastructure (network intrusion detection, SIEM, SOAR, endpoint protection and more)
- Perform security audits and check compliance with information security policies
- Evaluate and implement effective security technologies and architecture in consultation with the technical teams
- Focus on cloud security as an important part of work
- Investigate new security threats and market trends
- Be part of the Computer Security Incident Response Team (CSIRT)
- Investigate and respond to security incidents
- Define project scope, goals and deliverables that support IT Security and Business objectives in collaboration with key stakeholders
- Remediate PCI findings during an assessment including but not limited to Patching, Logging, Firewall reviews, IDS, Penetration Testing, End-of-Life, End-of-Support, Antivirus, File Integrity Management, and Vulnerability Management
- Maintain detailed PCI remediation plans, schedules, resource plans, and reporting using Excel, SharePoint, and other Microsoft programs
- Conduct internal project meetings with stakeholders, preparing agendas and minutes for distribution that are accurate and reflective of the meetings
- Develop a thorough understanding of the assignment subject matter and demonstrate depth of business knowledge throughout the course of the review
- Maintain a flexible approach to ensure that scope alterations can be adopted when other high-risk areas are identified during the review
Skills on Resume:
- Security Architecture (Hard Skills)
- Cloud Security (Hard Skills)
- Threat Investigation (Hard Skills)
- Incident Response (Hard Skills)
- PCI Remediation (Hard Skills)
- Security Auditing (Hard Skills)
- Project Management (Soft Skills)
- Stakeholder Collaboration (Soft Skills)
34. Information Security Engineer, CyberNest, Madison, WI
Job Summary:
- Interpret, monitor, and assess the information provided by SIEM to respond to incidents
- Perform internal and external vulnerability scanning and phishing tests to verify proper security protocols are being followed
- Maintain the informational assets database and coordinate the review process to ensure the appropriate permission levels to those assets
- Review the current state of information security and perform regular audits of access permissions
- Ensure authorized access by investigating improper access, revoking access, and reporting violations
- Develop policies and procedures to strengthen the organization's information security posture
- Participate in the disaster recovery team by ensuring data security in off-site locations
- Develop security awareness globally by providing orientation, educational programs, and ongoing communication
- Update job knowledge by participating in educational opportunities, reading professional publications, maintaining personal networks, and participating in professional organizations.
- Learns about Synopsys' business initiatives, products and attack surface to drive relevant security detections
- Help architect, deploy security solutions, tools for Application and Public Cloud Security
- Work cross-functionally with peers in Information Security, IT and Engineering
- Research and evaluate new technology products for pilot or implementation to implement defensive measures
- Develop and present security tooling deployment, documentation, runbooks and SOPS for operations
- Develop technical solutions and new security tools to mitigate security vulnerabilities
- Partners with Security Engineers and Architects to drive improvements in technology and policy governance
Skills on Resume:
- SIEM Monitoring (Hard Skills)
- Vulnerability Scanning (Hard Skills)
- Access Auditing (Hard Skills)
- Policy Development (Hard Skills)
- Disaster Recovery (Hard Skills)
- Security Training (Soft Skills)
- Tool Deployment (Hard Skills)
- Cross-Functional Collaboration (Soft Skills)
35. Information Security Engineer, SecurePulse Technologies, Albuquerque, NM
Job Summary:
- Perform technical security assessments, code audits, and design reviews
- Develop technical solutions to help mitigate security vulnerabilities
- Advocate for security and secure practices throughout Google
- Research to identify new attack vectors against Google's products and services
- Be involved in offensive security exercises
- Prepare test cases, test scripts, test plans and procedures, data collection, and lab infrastructure for cybersecurity functions
- Participate in system and project development, integration activities, and working groups
- Assess and maintain the security posture of high-performance computing systems
- Perform hardware technical reviews
- Monitor security tools (Security Information and Event Management tools, Anti-Malware, Firewalls, Centralized Logging system, Intrusion Detection Systems, Intrusion Prevention Systems)
- Identify current and potential problem areas, escalating and responding
- Monitor several industry sources for threat information and information security risks and recommend risk mitigation strategies
- Monitor the Global Information Security Mailbox and route requests and questions appropriately
Skills on Resume:
- Security Assessment (Hard Skills)
- Code Auditing (Hard Skills)
- Vulnerability Mitigation (Hard Skills)
- Offensive Security (Hard Skills)
- Threat Research (Hard Skills)
- Tool Monitoring (Hard Skills)
- Risk Escalation (Soft Skills)
- Hardware Review (Hard Skills)
36. Information Security Engineer, ByteFence Solutions, Des Moines, IA
Job Summary:
- Become an expert in the Lending Club technology stack to understand points of weakness and opportunities for security solutions
- Assist in monitoring LendingClub’s IT control environment to identify key risks, related controls and gaps
- Document and report results to management
- Assist with third party vulnerability testing process
- Collaborate with internal stakeholders on addressing systemic security issues
- Perform monitoring of security tools and oversee remediation of items identified
- Proactively identify threats and vulnerabilities, and collect, correlate, and analyze data to detect actual or potential security-related incidents, and ensure timely remediation by the applicable party.
- Identify, implement, and maintain the controls and procedures to cost-effectively and uniformly protect Lending Club’s information system assets
- Monitor, track and document information security-related incidents to ensure a prompt and efficient resolution
- Provide support and evidence collection for internal and external audits and risk assessments
- Consults with management to assist with developing corrective action plans for identified audit, risk, Information Security, and IT findings
- Research, design, and participate in or lead the implementation of security initiatives
- Stay current on the latest information technology and security trends
- Recommend corrective actions as identified and needed through Information Security initiatives
- Assist in developing Lending Club-wide best practices for IT and Information security
- Brief management on the status of security initiatives and the effectiveness of controls
Skills on Resume:
- Security Monitoring (Hard Skills)
- Risk Assessment (Hard Skills)
- Vulnerability Testing (Hard Skills)
- Threat Detection (Hard Skills)
- Control Implementation (Hard Skills)
- Audit Support (Hard Skills)
- Corrective Planning (Soft Skills)
- Security Consulting (Soft Skills)
37. Information Security Engineer, CyberSentinel, Charleston, SC
Job Summary:
- Assist software development architects with secure coding and architecture practices
- Assist with metric collection and application methodologies for internal information risk management efforts
- Consult with teams to ensure data is properly handled throughout the environment
- Collaborate with business, technology, project management, architecture and information security teams to deliver secure solutions that support business
- Serve as a liaison between the business and IT for technical security projects
- Stay current on information security practices
- Perform qualitative risk assessments on systems and applications
- Work with information security analysts to ensure visibility and security controls are implemented and maintained
- Maintain the organization's security information tools
- Enhance technologies and processes for information security analysts
Skills on Resume:
- Secure Coding (Hard Skills)
- Risk Assessment (Hard Skills)
- Data Handling (Hard Skills)
- Security Consulting (Soft Skills)
- Stakeholder Collaboration (Soft Skills)
- Security Controls (Hard Skills)
- Tool Maintenance (Hard Skills)
- Process Enhancement (Hard Skills)
38. Information Security Engineer, TrustShield Cyber, Reno, NV
Job Summary:
- Evaluate information security performance and the effectiveness of the information security management system
- Collecting and analysing information security metrics and measures data to prepare reports for senior management and other relevant stakeholders
- Engaging with senior management to ensure that they understand the information security risks relevant to the organisation
- Establishing information security monitoring arrangements for new services/programmes/projects
- Managing the external compliance requirements framework and the timely and accurate completion of submissions and returns
- Monitoring and reporting on compliance with information security policies, standards, processes and procedures
- Developing materials and tools to effectively communicate information security compliance and performance trends across the business
- Monitoring risk treatment and audit actions delivery in line with agreed targets and KPIs
- Providing information security compliance support, advice and guidance to all teams
- Participating in the development, delivery and management of the information security education, training and awareness programme
Skills on Resume:
- Security Evaluation (Hard Skills)
- Metrics Analysis (Hard Skills)
- Risk Communication (Soft Skills)
- Compliance Monitoring (Hard Skills)
- Policy Management (Hard Skills)
- Audit Tracking (Hard Skills)
- Security Guidance (Soft Skills)
- Training Delivery (Soft Skills)
39. Information Security Engineer, SecureLink Systems, Helena, MT
Job Summary:
- Understands and advises on enterprise policies and technical standards with specific regard to vulnerability management and secure configuration
- Successfully partner with other security and IT infrastructure professionals to assess potential impact from vulnerabilities specific to the Client’s environment and determine appropriate mitigating controls
- Identify and recommend appropriate measures to manage and remediate vulnerabilities with the focus on reducing potential impacts on information resources to an acceptable level based upon the Client’s policies and standards
- Build strong partnerships with technical teams to promote best practices for managing vulnerabilities in an agile manner across traditional infrastructure and in cloud environments
- Review and/or escalate exception requests submitted to the VM team
- Using a risk-based approach, analyze the Client’s vulnerability data against open/closed information sources to best prioritize vulnerability hygiene activities
- Develop and improve KPIs, metrics, and trend analysis for vulnerability management functions
- Assist the team in maintaining appropriate documentation that defines the Threat and Vulnerability Management Program, policies, and procedures
- Support the Chief Information Security Officer’s work on leadership, strategy, policy, risk management, disaster recovery, business continuity, compliance, external relations, and emerging technologies and threats
- Awareness, training, and communications
- Forensics, intrusion detection, incident response, and threat hunting
- Vulnerability scanning and monitoring, including patch management and retirement of obsolete systems
Skills on Resume:
- Vulnerability Management (Hard Skills)
- Risk Analysis (Hard Skills)
- Secure Configuration (Hard Skills)
- Cloud Security (Hard Skills)
- Exception Handling (Hard Skills)
- Metric Development (Hard Skills)
- Threat Hunting (Hard Skills)
- Security Training (Soft Skills)
40. Information Security Engineer, DataGuard Innovations, Little Rock, AR
Job Summary:
- Apply a best-in-class governance, risk, and compliance program that encompasses SaaS
- Facilitate customer assurance activities
- Enable the sales team via security training, collateral development, RFP maintenance, and customer support
- Manage customer security questions and escalate potential security issues to appropriate teams and drive to resolution
- Maintain a third-party risk management program
- Establish a process for communicating Semos Cloud’s security requirements to relevant stakeholders (clients, employees, regulators), enforce and evolve those mechanisms, and revise them as the business or regulatory environment requires changes
- Continuously develop, implement, and update all information security, governance documents
- Achieve the right balance of security and agility in Semos Cloud
- Understand customers’ risk exposure and the type of data that needs protection and prioritize security programs
- Implement security safeguards and train/educate the team about security risks
- Help improve and communicate the maturity levels of information security, cybersecurity, and IT risks
- Proactively identify and mitigate risks
- Plan and communicate ownership and relationship
- Facilitate management response and remediation efforts
- Assist Semos Cloud with any risk and compliance matters
- Identify acceptable levels of residual risk and assist with the creation of risk mitigation plans/procedures
- Provide recommendations to the sales/management team
- Conduct investigations, prepare a findings report, and analyze patterns and trends
- Manage disputes, complaints, requests for exceptions, for any information security matters with the team and external stakeholders (partners, customers)
Skills on Resume:
- Risk Management (Hard Skills)
- Compliance Program (Hard Skills)
- Customer Assurance (Soft Skills)
- Security Training (Soft Skills)
- Third-Party Oversight (Hard Skills)
- Security Communication (Soft Skills)
- Governance Documentation (Hard Skills)
- Issue Resolution (Soft Skills)
41. Information Security Engineer, InfraSecure LLC, Jackson, MS
Job Summary:
- Provide subject matter expertise on security architecture and operations
- Provides objective evaluations of security controls, mechanisms, and goals in comparison to best practices
- Establishes and satisfies information security requirements based upon the analysis of user, policy, regulatory, and resource demands
- Research technologies and methods that better utilize existing technology
- Consults with IT project teams and staff across all technology disciplines to provide direction on security requirements in accordance with security policies and standards
- Design, deploy and monitor security tools such as a SIEM, IDS/IPS, EDR, firewalls, etc.
- Performs forensic analysis to detect security incidents and mounts an incident response
- Investigates and utilizes new technologies and processes to enhance security capabilities and implement improvements
- Perform vulnerability assessments and security architecture reviews to help identify external threats and recommend methods for remediation
- Create the plan and oversee penetration testing of all critical systems to identify system vulnerabilities
- Maintains a strong understanding of all electronic security perimeters to ensure adequate defense in depth design across the enterprise
- Design, propose and implement appropriate access controls, leveraging SAML/OAuth in achieving secure and auditable SSO
- Supports and maintains the Intrusion Detection System (IDS) / (IPS) Intrusion Prevention System
Skills on Resume:
- Security Architecture (Hard Skills)
- Control Evaluation (Hard Skills)
- Security Consulting (Soft Skills)
- Tool Deployment (Hard Skills)
- Forensic Analysis (Hard Skills)
- Vulnerability Assessment (Hard Skills)
- Penetration Testing (Hard Skills)
- Access Control (Hard Skills)
42. Information Security Engineer, TrustWave Consulting, Portland, ME
Job Summary:
- Calibrate security control systems with the desired risk posture for the enterprise and customers
- Automate security controls to reduce attack surface, proactively seek out vulnerabilities, and decrease response and recovery times
- Partner with DevOps and Operations teams to integrate the controls into orchestration systems to ensure a consistent infrastructure state
- Optimize security tool deployments and introduce scalable processes across IT and InfoSec capabilities
- Contribute and collaborate with other Information Security team members across the broad spectrum of information security programs, such as Threat and Vulnerability Management, Security Response, Information Protection, Governance and Compliance
- Consistent regular attendance at an assigned work location
- Improve and enhance incident detection and response capabilities while building tools and frameworks for automating these capabilities
- Identify vulnerabilities through assessments, working with internal partners towards remediation of Yelp’s environment
- Set policies and best security practices for IT, and other internal organization and third-party integrations
- Design, develop, and operationalize monitoring, correlation, and alerting capabilities for Yelp’s network, infrastructure, and applications to identify suspicious or anomalous behavior
- Help perform threat modeling across business applications and infrastructure integrations
Skills on Resume:
- Control Automation (Hard Skills)
- Risk Calibration (Hard Skills)
- DevOps Integration (Hard Skills)
- Tool Optimization (Hard Skills)
- Incident Response (Hard Skills)
- Vulnerability Assessment (Hard Skills)
- Policy Setting (Hard Skills)
- Threat Modeling (Hard Skills)
43. Information Security Engineer, CyberWorks, Anchorage, AK
Job Summary:
- Leading Cyber Incident Response functions by triaging and handling Cyber incidents, performing proactive threat hunting across the network using Endpoint Detection and Response tools to identify and mitigate threats to BGL Group
- Investigation and handling of security incidents and fully scoping potential threats on the network
- Providing detailed analysis reports from incident handling and response activities
- Automating key processes and providing ongoing testing of security controls
- Threat hunting activities to uncover malicious code and identify nefarious behaviour
- Collaboration with other teams to develop, deploy and tune detection alerts
- Working with team members to strategise and execute the deployment of bespoke security solutions
- Exercising incident response processes and forensic triage across Windows, Mac, and Linux platforms
- Develop, document and maintain processes and procedures, and improve processes for incident response and the wider InfoSec team functions
- Responsible for the day-to-day operation, maintenance, and monitoring of a wide variety of security tools and applications that support the overall Information Security program
- Help with infrastructure and application security, identity and access management, governance and controls and Sendoso’s overall security posture
Skills on Resume:
- Incident Response (Hard Skills)
- Threat Hunting (Hard Skills)
- Forensic Triage (Hard Skills)
- Alert Tuning (Hard Skills)
- Security Automation (Hard Skills)
- Tool Monitoring (Hard Skills)
- Process Improvement (Soft Skills)
- Access Management (Hard Skills)
44. Information Security Engineer, SafeZone Cyber, Providence, RI
Job Summary:
- Develop and maintain the necessary procedure and policy documentation
- Facilitate internal and external penetration tests
- Identify security gaps, develop recommended solutions, and work with the business units and other IT teams to facilitate implementation
- Review of new IT systems and updates to existing systems to ensure controls are maintained and tested
- Perform security log reviews, analysis of security events, and develop reports using the log correlation engine
- Manage and operate vulnerability and compliance scanning systems
- Plan and facilitate remediation efforts for any findings
- Write signatures and run scans to ensure systems maintain compliance with benchmark configurations
- Develop and implement security hardening and configuration standards and procedures for information systems
- Manage and monitor intrusion detection/prevention systems, analyze and respond to alerts, perform network traffic analysis and system reviews to identify compromised systems
- Facilitate incident response and forensic efforts
- Work with systems engineers and administrators to ensure secure systems are built and maintained
- Plan business unit security initiatives and events
- Supports the Cloud Infrastructure team in securing the cloud-based virtual environment
- Oversees Sekure Merchant Solutions security evaluations, implementations of products, software integration, configuration development, operational procedures, and security policies
- Evaluate and recommend security best practices
- Creates and modifies policies, standards and procedures
Skills on Resume:
- Policy Development (Hard Skills)
- Penetration Testing (Hard Skills)
- Gap Analysis (Hard Skills)
- Log Analysis (Hard Skills)
- Vulnerability Scanning (Hard Skills)
- System Hardening (Hard Skills)
- Intrusion Detection (Hard Skills)
- Cloud Security (Hard Skills)
45. Information Security Engineer, NetGuard Tech, Santa Fe, NM
Job Summary:
- Identify security exposures and develop mitigation plans
- Design, evaluate, recommend, implement, manage, and support security-focused tools (e.g., SIEM, PAM, CASB)
- Evaluate and recommend new and emerging security products and technologies
- Write detailed standards and processes
- Develop and implement black box testing, code reviews, automation, threat modeling and research to reduce risk, at scale
- Review, improve and innovate processes to ensure efficacy and efficiency in data protection
- Assess and measure risk presented by vulnerabilities and document their exploitability in consideration of mitigating controls
- Define detection techniques and support security compliance efforts
- Manage security integration into the SDLC process
- Promote and integrate secure coding techniques and practices into product engineering teams
- Assess vulnerabilities, provide remediation guidance
- Propose, design, build, and deploy security improvements across all aspects of systems and product surface
- Research emerging threats and evolving best practices and educate the rest of the team about findings
- Develop rules, monitor networks and systems for security breaches through the use of software that detects intrusions and anomalous system behavior
- Participate in the design and implementation of new systems to ensure protection of information and processes supporting company policies, standards, and current audit and compliance requirements.
- Analyze security systems and seek improvements continuously
- Research weaknesses and identify countermeasures
Skills on Resume:
- Risk Mitigation (Hard Skills)
- Tool Management (Hard Skills)
- Threat Modeling (Hard Skills)
- Secure Coding (Hard Skills)
- Vulnerability Assessment (Hard Skills)
- SDLC Integration (Hard Skills)
- Intrusion Detection (Hard Skills)
- Process Improvement (Hard Skills)
46. Information Security Engineer, Cyber Advisors, Maple Grove, MN
Job Summary:
- Perform continual testing on current systems to determine potential problems or security threats
- Conduct cloud security reviews (AWS) and network security assessments
- Prepare reports for internal and external clients detailing the security issues, making recommendations and identifying solutions
- Work with the application delivery team to implement application security
- Operate cloud security products such as WAF, a Monitoring system to detect and respond to security attacks as soon as the issue arises
- Formulate an IT security incident response strategy and implement a method of notifying parties
- Review, analysis and delivery of security projects such as web application firewall, SIEM, etc.
- Support the business with a range of compliance requirements
- Provision of business support at a high level and to a range of key stakeholders in relation to ongoing security improvements
- Provide advice on hacking tools and techniques including advanced malware detection
- Keep up to date with the latest thinking on secure coding and cybersecurity issues
Skills on Resume:
- System Testing (Hard Skills)
- Cloud Security (Hard Skills)
- Security Reporting (Hard Skills)
- App Security (Hard Skills)
- Incident Response (Hard Skills)
- Compliance Support (Hard Skills)
- Stakeholder Advice (Soft Skills)
- Malware Detection (Hard Skills)
47. Information Security Engineer, SmallSecureTech, Boise, ID
Job Summary:
- Implement tools and processes that support information security initiatives
- Participate in the development and refinement of Information Security programs
- Develop and maintain documentation for security systems and procedures
- Participate in the evaluation, selection, testing and implementation of security-focused products and services
- Organize tactical projects assigned to clarify and respond to identified security risks across technical domains
- Execute established security practices with consistency and discipline
- Collaborate with engineers in other groups to implement standardized practices and follow the routine process to promote secure systems
- Research and correct new or unusual security configurations and implementations as identified by intelligence, analysts or monitoring
Skills on Resume:
- Tool Implementation (Hard Skills)
- Program Development (Hard Skills)
- Security Documentation (Hard Skills)
- Product Evaluation (Hard Skills)
- Risk Response (Hard Skills)
- Practice Execution (Hard Skills)
- Team Collaboration (Soft Skills)
- Security Research (Hard Skills)
48. Information Security Engineer, SafeNetWorks, Reno, NV
Job Summary:
- Plan, implement, manage and monitor security measures for the protection of the company’s data, systems and networks
- Ensure the company’s data and infrastructure are protected by enforcing the appropriate security controls
- Test and identify network and system vulnerabilities
- Maintain current knowledge of emerging security threats, technical challenges and developments in system protection and IT security standards
- Identify and define system security requirements
- Design a computer security architecture and develop detailed cybersecurity designs
- Prepare and document security, cybersecurity incident operating procedures and protocols
- Configure and troubleshoot physical, virtual and cloud-hosted security systems and services such as firewalls, load balancers, etc., in conjunction with appropriate personnel
- Develop technical procedures and solutions to help mitigate security vulnerabilities
- Responsible for employee training and guidance on acceptable use, risk management, and security protocols
- Investigate security breaches and lead incident response, including communication, steps to minimize the impact and conducting a technical investigation into the forensics of the breach and impact
- Write comprehensive reports including assessment-based findings, outcomes and suggestions for further system security enhancement
- Work in conjunction with the Senior Systems Administrator to manage operations of physical/virtual infrastructure, including enterprise server, storage and systems
- Compliment the Senior Systems Administrator in the management of cloud-based infrastructure operating on Azure, Amazon Web Services, Office 365, Google Apps, and similar
- Provide general IT support and work with the Development team on projects
- Participate in on-call pager responsibilities
Skills on Resume:
- Security Management (Hard Skills)
- Vulnerability Testing (Hard Skills)
- Threat Monitoring (Hard Skills)
- Security Architecture (Hard Skills)
- System Configuration (Hard Skills)
- Incident Response (Hard Skills)
- Employee Training (Soft Skills)
- Cloud Infrastructure (Hard Skills)
49. Information Security Engineer, CyberForge Solutions, Eugene, OR
Job Summary:
- Directs all phases of planning and execution of the information system security functions, including risk management and risk assessments
- Establishes and communicates all standards, procedures, and guidelines to prevent the unauthorized use, release, modification, or destruction of data in any form, including the review of system designs to ensure essential security measures are in place
- Reviews the compliance of the company’s security guidelines in conjunction with the Director of the IT team
- Quality Assurance to ensure that all mandated security requirements are met, and recommends modifications and effective security solutions
- Identifies information security risks, detection of security violations, as well as the recommendation of specific, actionable mitigation
- Established security measures to support disaster recovery efforts
- Works with the software development teams (both internal and external) to ensure that security is considered and applied in conjunction with all development projects
- Recognizes and identifies potential areas where existing data security policies and procedures require change, or where new ones need to be developed, especially regarding changes to the threat landscape
- Creates and maintains data security documentation
- Stays current with emerging security practices and standards to ensure that data security solutions are continuously improved, implemented and supported
- Develops and maintains data security-related training and awareness programs
- Perform Cloud Assessments, Cloud Security Engineering
- Understand vulnerabilities and develop relevant exploits/payloads for use during test exercises
- Perform independent reviews of security, cloud environments, on-premises networks, and enterprise systems
- Plan/Design/Execute security-related artifacts and activities
- Stay on time and within the scope of testing activities
Skills on Resume:
- Risk Management (Hard Skills)
- Compliance Review (Hard Skills)
- Security QA (Hard Skills)
- Threat Mitigation (Hard Skills)
- Disaster Recovery (Hard Skills)
- Cloud Security (Hard Skills)
- Policy Development (Hard Skills)
- Security Training (Soft Skills)
50. Information Security Engineer, ShieldGuard LLC, Madison, WI
Job Summary:
- Implement and maintain their current systems as well as help build the Information Security Team as the company grows
- Look for all aspects of information security and will be expected to be hands-on as the organisation continues to grow
- Take ownership and independence over the security systems and practices, while making a positive difference as part of a global, multi-disciplinary and collaborative team
- Oversee the invasion detection, firewall and prevention systems
- Oversee vulnerability scanning and planning for problem fixing
- Safeguard information systems against unlawful access
- Configuration of log aggregation and review logs for security events
- Manage installation and configuration of network security software
- Collaborate with other engineers and Guild teams on a wide range of projects and initiatives to support compliance requirements and business objectives
- Develop, implement, and maintain security tools and infrastructure
- Seek out process improvement opportunities through automation
- Assist with incident response and investigation activities
- Fulfill regular on-call responsibilities as part of a team rotation
Skills on Resume:
- System Security (Hard Skills)
- Firewall Management (Hard Skills)
- Vulnerability Scanning (Hard Skills)
- Log Analysis (Hard Skills)
- Tool Implementation (Hard Skills)
- Incident Response (Hard Skills)
- Process Automation (Hard Skills)
- Team Collaboration (Soft Skills)
51. Information Security Engineer, NetSafe Innovations, Charleston, SC
Job Summary:
- Respond to information and cybersecurity incidents by analyzing logs, threat intel, and other sources of information
- Acts as a liaison between the Information Security team and business verticals to track and monitor incident response status updates
- Responsible for analyzing alerts generated by various security tools to reduce false positives and increase alert effectiveness
- Reviewing audit trails for unauthorized access attempts or other information security violations
- Conduct root cause analysis to identify gaps and recommendations, ultimately remediating risks
- Analyze previously unknown malware utilizing static and dynamic methods to determine its behavior and impact on hosts
- Familiarize with most security tools and to aid their management and tuning
- Assists in identifying any gaps in the current state of security operations and recommending ways to improve its effectiveness
- Seeks out ways to automate the incident response process and with security engineering assistance, and with implementation improvements
- Works to resolve any errors in security tickets not related to incident response
- Assists with security engineering work in other security domains including vulnerability management, penetration testing, digital certificate management, and privileged access
- Documents and tracks security incidents and breaches using the corporate risk tracking platform
- Develops dashboards and metrics to monitor the current state of the security operations process and technology
- Assists in evaluating, planning, configuring, and implementing best practices of new/existing security applications/tools
- Regularly review and update Incident Response SOP and playbooks
- Supports operations teams in the daily running of security tools deployed in the environment
Skills on Resume:
- Incident Response (Hard Skills)
- Threat Analysis (Hard Skills)
- Root Cause (Hard Skills)
- Malware Analysis (Hard Skills)
- Tool Tuning (Hard Skills)
- Process Automation (Hard Skills)
- Alert Management (Hard Skills)
- Security Documentation (Hard Skills)