WHAT DOES AN INFORMATION SECURITY ENGINEER DO?
Published: Aug 28, 2025 - The Information Security Engineer is responsible for identifying and managing security risks, analyzing malware and intrusion alerts, and overseeing system and application security through penetration testing and scanning tools. This role involves implementing remediation plans, maintaining control processes, documenting internal procedures, and ensuring alignment with international regulations. The engineer also includes regular reporting to regional IT leadership to ensure compliance with company security policies while fostering transparent and respectful communication among stakeholders.

A Review of Professional Skills and Functions for Information Security Engineer
1. Information Security Engineer Duties
- Security Documentation: Adapt security guidance and documentation into the SDLC
- Configuration Assessment: Assist with conducting security assessments of configuration changes to the application architecture
- Security Training: Assist with application security training initiatives
- Framework Integration: Assist with implementing industry frameworks into application architecture
- Incident Response: Assist with an internal incident response
- Vulnerability Research: Research and be on top of vulnerability, malware, common vulnerabilities, and exposures of Wintel, Linux, physical, hypervisor, and storage systems
- Security Architecture: Design a computer security architecture and develop detailed cybersecurity designs
- Patch Deployment: Plan and coordinate the deployment of security and vulnerability patching to all computer systems
- Procedure Documentation: Prepare and document standard operating procedures and protocols
- Infrastructure Configuration: Configure and troubleshoot security infrastructure devices
- Vulnerability Testing: Perform vulnerability assessments and penetration testing
- Security Automation: Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
- Forensic Analysis: Perform a forensic analysis and root cause analysis for all infrastructure-related security incidents
- Incident Awareness: Ensure the company knows as much as possible, as quickly as possible, about security incidents
- Security Reporting: Write comprehensive reports including assessment-based findings, outcomes, and propositions for further system security enhancement
2. Information Security Engineer Details
- Patch Deployment: Responsible for server OS patch deployment
- Patching Coordination: Responsible for overseeing, tracking, and scheduling all server patching efforts for a large-scale enterprise environment
- Standards Definition: Define patching standards and processes to maintain server/solution security compliance across the enterprise environment
- Procedure Management: Create and maintain operational procedures to ensure patching success rates and will be the main point of communication for security patching
- Status Reporting: Conduct reviews and provide reporting on patching status and any trends seen to help improve the health of the environment
- Automation Implementation: Define and operationalize automation, implement scripts of all the security patching tasks using tools like Windows SCCM / WSUS / Ansible and subscriptions like CentOS Spacewalk, RHEL Satellite
- Error Prevention: Analyze trends to identify potential patching errors in all OS environments and work with respective teams to ensure those errors do not recur in future patching cycles
- Infrastructure Security: Help secure the infrastructure and solutions from medium to critical security threats
- Window Maintenance: Maintain and update all patching maintenance windows with the business
- Team Collaboration: Works with and manages cross-functional teams to identify operational procedures and best practices in accordance with the patch management strategy
- Compliance Assurance: Ensure overall compliance levels through patch management standards
- Service Improvement: Employ continual service improvement through monthly and quarterly patch management metrics reviews
- Trend Analysis: Analyze trend data to identify potential patch-related issues on various images and assist teams in troubleshooting to implement any resolutions/improvements for proactive resolution
- Process Communication: Communicate patch management process and procedures, working practices, and changes to internal teams and customers
- Window Updates: Update and maintain enterprise patch maintenance windows with the business
- Deployment Scheduling: Coordinate monthly Windows patching deployments as well as scheduled Linux/Unix deployments
3. Information Security Engineer Responsibilities
- Program Support: Under the manager’s guidance, works on the overall security program and content
- Policy Experience: Wide experience with network security policies and implementation
- Policy Revision: Work with existing policies and procedures to identify, recommend, and develop revised policies and procedures relating to information security
- Infrastructure Design: Design security infrastructure solutions and capabilities of the organization, with a main focus on data encryption, authorization methodologies, and software security layers
- Metrics Development: Develop Cybersecurity reporting metrics and present information to IT management
- Security Evaluation: Highlight the current state of security measures and make recommendations for improvement
- Team Collaboration: Work with IT management, risk managers, corporate compliance, and clinical teams
- Regulatory Compliance: Ensure organization compliance with the security sections of Federal and State regulations including HIPAA, PCI, and SOX
- Access Control: Responsible for enforcing individual identifiers, their authentication, authorization, and privileges/permissions
- Threat Assessment: Perform threat and vulnerability assessments, in some cases, followed by appropriate remedial action
4. Information Security Engineer Job Summary
- Contractor Compliance: Enforcing compliance with security standards for outside contractors, vendors, and business associates
- Meeting Participation: Keep informed by attending staff meetings and/or reviewing information if unable to attend
- Process Improvement: Work with visitors, co-workers, and leadership to simplify and improve work processes and is an active participant in the continuous quality improvement process
- Customer Service: Understand the customer’s reasonable expectations of service and provide effort and initiative to exceed these expectations
- Regulatory Standards: Perform work on quality standards and regulatory compliance
- Status Communication: Notify patients, family members, and coworkers of procedure/service status on a frequent and timely basis
- Cybersecurity Management: Responsible for maintaining and implementing the cybersecurity infrastructure and program at the Healthcare System
- Threat Response: Work very closely and collaborate with other technical teams to respond to threats as well as daily, to maintain the security posture of the environment
- Domain Expertise: Work on highly complex projects and maintain knowledge across multiple domains (networking, server, endpoints, mobile, cloud, etc.)
5. Information Security Engineer Accountabilities
- Risk Management: Helping data controllers and technical resources managers to identify and manage security risks
- Threat Analysis: Assisting with analysis of malware, alerts, and newspapers to detect signs of malicious activity
- Intrusion Testing: Overseeing analysis of systems and applications' security using intrusion tests and scanning tools
- Plan Implementation: Implementing remediation plans in close collaboration with IT teams
- Process Control: Putting in place a control process
- Change Management: Managing or assisting resources in change projects relating to information systems security
- Problem Review: Conducting reviews of security problems
- Awareness Communication: Assisting in communications, Intranet updates, and documents to raise awareness of IT security
- Process Documentation: Documenting internal processes, helping to draw up security standards and directives
- Policy Compliance: Working closely and in compliance with the company’s policies concerning information security, compliance, and business IT architecture within the framework of the international security community
- Security Reporting: Reporting regularly to the AMERICAS ISO and regional IT management on the level of security and compliance with the security policy, its directives, and applicable regulations (GDPR, PCI-DSS, HDS, HIPAA, etc.)
- Cycle Adoption: Adopting the remediation plan in the Plan-Do-Act-Check cycle
- Incident Reporting: Defining and implementing reporting on security incidents, prevention, and intelligence on security threats
- Issue Ownership: Taking responsibility for subjects that appear not to be managed and involving different types of intermediary to clarify their objectives, implementation steps, and key success factors
- Stakeholder Communication: Facilitating and promoting an environment in which stakeholders can communicate openly with honesty and respect
6. Information Security Engineer Functions
- Policy Alignment: Collaborate with business units and corporate partners to ensure solutions are built consistently with the organization's policies, programs, architectural recommendations, and information security standards
- Tool Development: Build and customize security tools used by the security team and other technology team members
- Product Evaluation: Lead product selection efforts, including defining evaluation criteria and test plans
- Security Advisory: Serve as an internal information security advisor and subject matter expert to the organization on various security initiatives
- Best Practices: Introduce best practices and principles to enable consistent delivery and enable alignment with long-term direction
- Threat Response: Understand the common types of cyber-attacks and countermeasures in the industry and engage with the business units to resolve within SLAs
- Incident Procedures: Develops tactical response procedures for security incidents
- Metrics Reporting: Develop, build, and implement a mature and robust set of metrics and reports
- System Design: Work with other teams, research, design, implement systems/solutions, and enforce best practices and standards
7. Information Security Engineer Job Description
- Project Leadership: Lead projects through all phases of design and implementation, with areas of responsibility
- Security Management: Plan, implement, manage, monitor, and upgrade security measures for the protection of the organization's data, systems, and networks
- Security Auditing: Perform ongoing security reviews and audits to check, troubleshoot, and improve applications' security
- Design Engineering: Provide engineering designs for new software solutions to help mitigate security vulnerabilities
- Architecture Support: Contribute to all levels of the application architecture and the company’s infrastructure to maintain security
- Device Auditing: Use a security task force to perform an annual security audit of employees' company devices
- Regulation Compliance: Make sure the company processes are compliant with the healthcare industry security regulations
- Documentation Maintenance: Maintain information security documentation
- Code Consultation: Consult the Engineering team members on secure coding practices
- Trend Awareness: Develop a familiarity with new security trends and best practices
8. Information Security Engineer Overview
- Strategy Implementation: Implement and maintain security strategies
- Audit Participation: Participate in information security audits, whether performed by an organization or third-party personnel
- Architecture Evaluation: Evaluate current technology architecture for vulnerabilities, weaknesses, and for possible upgrades or improvements
- Program Execution: Implement information security goals and new programs effectively, while working with other teams within the organization
- Operations Support: Assist the greater Technical Operations organization in completing tasks such as system maintenance/upgrades, tool development, and workflow design from an information security perspective
- Needs Assessment: Evaluate the ECE's security needs and help establish best practices and standards accordingly
- Event Monitoring: Monitor and respond to security events, providing notification, analysis, forensics, and reviews
- Technology Expertise: Advanced knowledge of IDS/IPS, SIEM, DLP, Attack Mitigation, and Prevention
- Threat Understanding: Understand the latest security threats and vulnerabilities and how they affect the ECI Cloud and Corporate infrastructures
- Team Contribution: Support and contribute to the information security team’s efforts
- Program Development: Develop, document, maintain, and monitor the security program including frameworks and industry compliance mandates
- Risk Assessment: Assist with internal risk assessments and gap analysis and help drive remediation efforts
- Impact Analysis: Help conduct impact analysis for different environments and products
- Vendor Coordination: Work with third-party vendors and partners to coordinate independent audits, risk assessments, vulnerability identification, and penetration testing
9. Information Security Engineer Details and Accountabilities
- Solution Design: Work in a team to identify and implement an optimal technical solution to meet customer requirements
- Quality Improvement: Promote and enhance the quality of solutions through the life cycle of solutions
- Delivery Excellence: Raise the quality of delivery by promoting and introducing positive practices in teams
- Data Analysis: Participate in transforming, searching, and resolving problems based on big data
- Documentation Maintenance: Write and maintain product documentation related to the assigned product modules
- Infrastructure Support: Supporting a mid-size network infrastructure via the implementation and daily operation of network and system monitoring capabilities
- Log Analysis: Perform detailed log analysis, network traffic monitoring, and vulnerability risk assessment
- System Assessment: Conduct assessments of existing systems to identify vulnerabilities
- Risk Mitigation: Work with internal and external technical stakeholders to mitigate and eliminate risks
- System Optimization: Assist the technical team with network/system optimization and performance tuning
10. Information Security Engineer Tasks
- Gap Identification: Identify all security gaps and issues throughout the organization
- Policy Mitigation: Policies and standards and work with the business to mitigate them
- Risk Reporting: Create reporting and dashboards for tracking security gaps and prepare risk reports
- Stakeholder Communication: Different audiences throughout the organization including senior executives
- Project Monitoring: Monitor the implementation of mitigation projects and their impact on reducing security risk
- Governance Input: Work with the Security Governance team to provide inputs to security policies and standards based on analysis of security issues
- Process Management: Manage other information security processes
- Risk Assessment: Conduct security risk assessments and work with the business to identify appropriate mitigating projects
- False Positive: Identify and provide supporting information on false positives
- Code Review: Deep-dive into the code paths to check for logical errors and flaws in the design and architecture that most automated tools cannot find
- Threat Analysis: Analyze legitimate security threats, including the likelihood of determination, impact analysis, and risk determination
- Risk Prioritization: Work with development and product owners to prioritize risk responses, including control recommendations and documentation
- Result Justification: Communicate with internal teams and the external customer to provide analysis results and supporting justification
- Process Automation: Analyze processes to identify opportunities for re-engineering to enable target state automation
- Access Integration: Review architectural models and entitlement designs for integration points and interoperability with future state access control solutions
- Control Verification: Verify controls and verify structures to support adherence to policies, identify gaps and ensure these are addressed