Title: Sr. Information Security Engineer
Location: (100% Remote)
Duration: 6+ months c2h
MOI: Skype
MUST HAVE.
This role will assess strategic information security goals, convert them into actionable solutions, and develop implementation plans. The position will support and mentor junior team members, conduct security gap analyses for new IT and business projects, and recommend solutions. Additionally, the role involves creating policies and standards to define and enhance the Information Security Mission and drive the Security Program’s maturity.
ESSENTIAL JOB FUNCTIONS AND DUTIES
- Deliver a “security first” attitude in all actions and conduct.
- Offer strategic and tactical insights on Security Directives, focusing on contextualizing risk management.
- Perform security-focused risk assessments of new and existing applications and systems.
- Design and implement security measures for software and systems.
- Provide security guidance and recommendations during the software development lifecycle.
- Collaborate with cross-functional teams to integrate security best practices.
- Respond to alerts, adjudicate Indicators of Compromise, correlate data, advise leadership, participate in corrective actions, and provide direct support to incident response.
- Work with Security Leadership to align strategic objectives and translate them into actionable plans.
- Develop technical implementations for security controls and manage their adoption.
- Mentor security administrators and analysts in collecting data from various Computer Network Defense (CND) tools to analyze events within their environments, including intrusion detection system alerts, firewall logs, network traffic logs, and host system logs.
- Interpret, analyze, and report all events and anomalies in accordance with information security directives.
- Demonstrate the Fund’s Diversity and Inclusion (D&I) principles in their conduct at work and contribute to a safe, inclusive culture with equitable opportunities for success and career growth.
- Exemplify the Fund’s BETTER Values in contributing to a respectful, trusting, and engaged culture of diversity and inclusion.
- Perform other duties as assigned within the scope of responsibilities and requirements of the job.
- Perform Essential Job Functions and Duties with or without reasonable accommodation.
ESSENTIAL QUALIFICATIONS
Years of Experience and Knowledge
- 5–7 years of direct experience minimum
- Strategic knowledge and experience in HIDS/NIDS Security Incident Event Management
- Proven engineering experience in SIEM development, integration with Active Directory (on-premise and Azure)
- Demonstrable knowledge of Cloud (especially Azure) Security Principles equivalent to Center for Internet Security (CIS) benchmarks v1.5 or higher
- Engineering level experience managing compliance expectations in Azure Compliance Console
- Operational competency with Dynamic Application Security Testing in DevOps environments
Education, Licenses, and Certifications
- Bachelor’s degree in Cyber Security, Computer Science, or related field, or equivalent work experience required
- Preferred: Certification in CISSP/SANS GSEC or higher
Skills and Abilities
- Intermediate level Microsoft Office skills (PowerPoint, Word, Outlook, Excel)
- Advanced level skills in industry-leading systems: Security Event & Incident Management, Centralized XDR End-point security, Centralized Inventory Management
- Demonstrable knowledge of Microsoft Security principles
- Strong understanding of major security controls and frameworks (e.g., NIST 800-series, CIS version 8)
- Practical familiarity with HIPAA Security Rule and PCI-DSS
From:
Sankhi Tudu,
Vyze Inc
studu@vyzeinc.com
Reply to: studu@vyzeinc.com