INFORMATION SECURITY ENGINEER SKILLS, EXPERIENCES, AND JOB REQUIREMENTS

Published: Aug 29, 2025 - The Information Security Engineer brings combined experience in information security and risk management, with deep knowledge of frameworks. This role requires proficiency in security assessment and penetration testing tools, project management capabilities, and the ability to work effectively both independently and within global teams. The engineer also demonstrates strong communication, leadership, and problem-solving skills, contributing confidently to the design and implementation of secure, effective solutions.

Essential Hard and Soft Skills for an Information Security Engineer Resume
  • Threat Monitoring
  • Intrusion Analysis
  • Incident Response
  • Vulnerability Testing
  • Patch Management
  • Risk Assessment
  • Security Evaluation
  • Asset Protection
  • Compliance Monitoring
  • Code Review
  • Cross-Functional Collaboration
  • Customer Assessment
  • Awareness Training
  • Problem Solving
  • Team Leadership
  • Policy Compliance
  • Vendor Coordination
  • Risk Communication
  • Project Execution
  • Security Leadership

Summary of Information Security Engineer Knowledge and Qualifications on Resume

1. BS in Electrical Engineering with 9 years of Experience

  • Experience in Information Security, Cybersecurity, Identity and Access Management (IAM) and/or Information Technology with a security focus to include accountability for sophisticated tasks and/or projects
  • Proficient level of discernment in the areas of business operations, risk management, industry practices and emerging trends
  • Experience in defining and driving alignment of processes to the overall strategy and vision
  • Possesses skilled knowledge of IAM operations and can lead the alignment and development of processes or capabilities to materially change and improve performance
  • Hands-on experience with Process Mapping and/or Modeling and crafting/validating process documentation using tools such as Vizio, iGraphx or Aris
  • Experience in the application of process management standards and policies
  • Knowledge of applicable regulations with risk management tools such as MetricStream, RSA Archer or ServiceNow GRC
  • Business process execution/knowledge/experience, consulting, and/or process engineering/optimization
  • Experience with compliance frameworks and industry standards such as NIST 800-53, ISO 27001, CSA, CCM or FFIEC
  • Must have security and/or process certifications (e.g., Security +, CRISC, Six Sigma, CISSP)
  • Experience supporting Encryption or Security Appliance Devices and HSMs
  • Ability to identify and manage complex issues and negotiate solutions within a geographically dispersed organization
  • Knowledge and understanding of configuration management solutions for information security and compliance controls
  • Advanced problem-solving and technical troubleshooting capabilities
  • Experience with engineering, builds or support of Hardware Secure Modules (HSMs) and/or security appliance devices

2. BS in Cybersecurity with 5 years of Experience

  • Knowledge of information security principles and cryptographic concepts
  • Exposure to web application and cloud security concepts including OWASP Top 10 Risks, strong border protection and data protection schemes
  • Exposure to vulnerability assessments and penetration tests and coordination of necessary remediation activities
  • Exposure to Information Security tools such as Intrusion Detection, Security Information and Event Management (SIEM), Endpoint Protection/Monitoring, commercial and open-source monitoring, research tools, and AWS Security Tools, etc.
  • Basic knowledge of handling and escalation of potential security incidents
  • Strong analytical thinking skills
  • Exposure to cloud environments and border protection
  • Experience with scripting languages such as Python, Java, and/or Bash
  • Background in payments/banking/FinTech
  • Excellent written and verbal communication skills

3. BS in Information Technology with 8 years of Experience

  • Information security applications and systems experience
  • Information technology applications and systems experience
  • Experience in engineering and analyzing UNIX-based operating systems, Linux-based operating systems or a combination of both
  • Experience with Windows server operating systems
  • Experience managing Cloud Access Security Broker (CASB) deployment using tools such as NetScope
  • Strong verbal, written, and interpersonal communication skills
  • Knowledge and understanding of the information security log management system
  • Knowledge and understanding of Splunk
  • Knowledge and understanding of web proxy plugin technologies, such as installation, configuration, deployment, and troubleshooting
  • Experience using the team collaboration software Confluence
  • Experience with Agile Scrum (Daily Standup, Sprint Planning, and Sprint Retrospective meetings) and Kanban
  • Working experience in RSA Authentication Manager 8.x administration and server support 
  • Experience connecting security log sources and creating reports and dashboards to monitor for notable security events
  • Problem-solving skills, the ability to develop effective long-term solutions to complex problems
  • Experience in planning and managing cloud application migration and large-scale cloud platform deployment

4. BS in Management Information Systems with 7 years of Experience

  • Working experience in secure SDLC (System Development Life Cycle) methodologies 
  • Advanced Information Security technical skills
  • Solid knowledge and understanding of information security practices and policies
  • Experience working in a large enterprise environment
  • Excellent verbal, written, and interpersonal communication skills
  • Experience with Security Orchestration and Automated Response (SOAR) tools
  • Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux
  • Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other similar security detection/mitigation devices
  • Knowledge of offensive security, with the ability to think like an adversary when hunting and responding to incidents
  • Strong ability to identify anomalous behavior on endpoint devices and/or network communications
  • Strong experience in operating systems and application security hardening and best practices
  • Strong investigative mindset with an attention to detail
  • Advanced problem-solving skills, ability to develop effective long-term solutions to complex problems
  • Ability to manage complex issues and develop solutions
  • Ability to interact and communicate effectively with all levels of an organization, including at the executive level

5. BS in Information Assurance with 5 years of Experience

  • Self-motivated, curious and passionate about continued learning with a desire to further transform and modernize solutions
  • Must have AWS Cloud certification or experience with AWS cloud environments
  • Experience with data protection technologies and cloud tooling (DLP, Data Security, Encryption, CASB and CSPM solutions)
  • Experience utilizing reporting tooling
  • Proven experience as an IT professional
  • Basic knowledge of insurance and financial services products
  • Knowledge of business unit applications
  • Advanced planning, organizational, problem-solving, analytical, decision-making and communication skills
  • Proficiency with database applications, knowledge of mainframe, distributed and/or web programming languages

6. BS in Computer Engineering with 3 years of Experience

  • Strong Hebrew and English speaking skills with experience working at an overseas company
  • Experience in Information Security, Risk Management, and/or Audit
  • Must have a 'can-do' attitude, high energy, and creativity, along with organizational skills
  • Ability to handle multiple tasks
  • Strong interpersonal, oral, written, and visual communication skills
  • Ability to present findings concisely and effectively
  • Ability to collaborate effectively with management, developers, program management, engineers, administrators, compliance and legal about objectives, requirements, and designs
  • Ability to pay careful attention to detail, notice patterns and connections
  • Ability to design solutions for multiple product requirements

7. BS in Information Technology with 8 years of Experience

  • Experience in supporting CANES or CANES-Based Variant (CBV) systems in development, integration, and sustainment work
  • Experience working with the Risk Management Framework (RMF) steps 1-6 process
  • Experience working with RMF Stage 6 type support to include assessment and documentation of risks, performing security control assessment and documentation of compliant and failed security controls into the eMASS tool
  • Experience with working with Security Assessment Reports (SAR) executive summaries, system risk assessments, and controls in eMASS
  • Experience working with the preparation and submission of the Security Assessment Plan (SAP) and able to guide how to properly execute the approved SAP
  • Experience working with automated testing tools such as Security Content Automation Protocol (SCAP) and manual test methodologies such as Security Technical Implementation Guide (STIG) to assess and validate vulnerabilities and compliance
  • Experience working with eMASS and VRAM
  • Experience working on sustaining UNCLASSIFIED, SECRET, and Secret Releasable (SR) Security Enclave ATO packages
  • Possess the expertise to create, update, and turn in RMF Steps 1-5 documentation
  • Ability to sustain/maintain RMF Step 6 documentation and support any Authorization to Operate (ATO) extensions
  • Ability to complete a SAR with the Security Control Assessor (SCA) and be able to explain assessment results
  • Ability to work with Military Sealift Command (MSC) stakeholders with risk and mitigations to include Category (CAT) level I, II, or III findings

8. BS in Cloud Computing with 6 years of Experience

  • Experience in a combination of information security and risk management
  • Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework
  • Experience in using standard Security Assessment and Penetration Testing tools
  • Experience working in a global environment with progressively increasing responsibility in one or more information security domains)
  • Demonstrated project management and presentation skills
  • High degree of competence with Microsoft Office Productivity Applications
  • Ability to work alone as an individual contributor, as a technical lead and as a key participant in collaboration across global teams
  • Must be an independent, confident, persistent and results-oriented individual
  • Able to deal with influencing skills, ambiguity and work independently with minimal supervision/guidance
  • Excellent English communication and solid oral, written communications, problem-solving, commitment to task, ability to lead and influence change

9. BS in Network Engineering with 5 years of Experience

  • Enhanced knowledge in Banking/Cyber Security Domains
  • Experience in handling Information Security projects
  • Experience in Technology Operations, production support demonstrated through work experience in multiple projects
  • Proficient in understanding, analyzing and writing T-SQL queries
  • Real-time experience in Microsoft SQL Server Management Studio
  • Experience in Hadoop development (Hive)
  • Ability to create/modify/close Jira requests daily
  • Experience in the Incident/Change Management process/cycle
  • Must have CISSP, CISM or equivalent information security certification
  • Hands-on security technology experience with firewalls, IDS/IPS, endpoint security, and related experience
  • Experience with Active Directory administration and security
  • Working experience in Splunk and security incident response