Overview
On Site
$Competitive
Accepts corp to corp applications
Contract - Independent
Contract - W2
Skills
IT Security
Innovation
Cloud Computing
Policies and Procedures
Roadmaps
Penetration Testing
IT Management
Data Retention
Information Security
Research
Network
Teamwork
Documentation
Legal
Payment Card Industry
Collaboration
Risk Management
System Integration
Remote Access
Servers
Endpoint Protection
Technical Support
Data Security
Incident Management
Password Management
Identity Management
Access Control
Event Management
Disaster Recovery
Testing
Asset Management
Procurement
Inventory Management
Asset Accounting
Problem Solving
Conflict Resolution
Problem Management
Root Cause Analysis
Project Management
Change Management
Reporting
Status Reports
Publications
Leadership
Application Servers
Information Systems
Computer Science
OSCP
Training
Information Technology
Cyber Security
Certified Ethical Hacker
CISSP
CISM
ITIL
Security+
Vulnerability Management
Regulatory Compliance
Auditing
SIEM
Log Management
Multi-factor Authentication
Management
Firewall
IDS
IPS
Proxies
Virtualization
Computer Networking
Scripting
Job Details
Job Description:
As a cyber security expert, the security engineer has in-depth knowledge of Security, Virtualization, Networking, and Cloud.
They anticipate potential impacts, address security threats, develop effective sustainable strategies, troubleshoot complex issues, and review advanced technical configurations.
This role involves looking beyond current practices, standards, and procedures to reduce business risks by enhancing the organization's cyber security and compliance posture.
They use their experience and advanced knowledge to drive innovation and maturity.
The Security Engineer role focuses on delivering customer-oriented, business-appropriate solutions within a collaborative team setting.
They serve as a technical subject matter expert for application and infrastructure cyber security solutions, including web and cloud-based systems; operate products in place; proactively monitor for security threats; investigate and resolve security breaches; conduct vulnerability audits and assessments; and establish and maintain policies and procedures related to cyber security.
Their secondary purpose is supporting the client's IT systems and infrastructure engineering.
Responsibilities:
Enhance Security Posture: Continuously improve the client's information security by staying updated on the latest threats, trends, and technology. Define and drive the security roadmap.
Identify and Mitigate Vulnerabilities: Monitor vulnerability notifications and perform penetration testing to identify and address security vulnerabilities. Coordinate with teams to ensure timely patching and remediation.
Recommend Remediation: Recommend and coordinate actions to mitigate risks and implement solutions and tools to address security vulnerabilities.
Implement Security Measures: Engineer, implement, and monitor security measures to protect computer systems, networks, and information.
Collaborate on IT Projects: Work closely with IT leadership to support global IT projects, conduct security assessments, and remediate non-compliant systems and processes.
Ensure Compliance: Support Public Record Coordinators to comply with Washington state data retention and disposal laws.
Develop Security Policies: Create and enforce Information Security Plans and enterprise cybersecurity policies.
Set Best Practices: Assess security requirements and establish appropriate best practices and standards.
Research Solutions: Research and develop cybersecurity technology solutions and work with vendors when appropriate.
Stay Informed: Maintain a strong knowledge of current security threats and use this information to identify and address new threats in a rapidly changing environment.
Mitigate Vulnerabilities: Implement and maintain security solutions, configure and troubleshoot security infrastructure, and design countermeasures to protect against breaches.
Monitor and Investigate: Monitor for security breaches, investigate incidents, and ensure management is informed quickly. Advise internal stakeholders on breaches, including root cause analysis and remediation.
Analyze Network Traffic: Analyze network traffic and packet captures to identify and address abnormal activity, making configuration changes to prevent future issues.
Lead IT Staff: Oversee and direct the work of subordinate IT staff and/or peers on assigned projects, ensuring effective teamwork and project completion.
Prepare Reports and Documentation: Prepare reports for Executive staff and internal departments such as HR and Legal, draft correspondence, and participate in committees, task forces, meetings, and training sessions.
Conduct Compliance Audits: Support and conduct audits to ensure adherence to security standards, such as CJIS and PCI, and collaborate with auditors, the risk management office, or others to address any issues.
Coordinate with Agencies: Work with local, state, and federal organizations on cybersecurity matters.
Provide Engineering Analysis: Offer cybersecurity engineering analysis and systems integration across various areas, including firewalls, networks, remote access devices, IDS/IPS, servers, and endpoint security solutions.
Manage MFA Platform: Oversee the multi-factor authentication platform, including its implementation, administration, and user support to enhance security.
Manage the Extended Detection and Response and Data Security Posture Platforms: Oversee the security platforms, including monitoring, threat detection, and incident response to protect sensitive information.
Manage PAM and Password Management: Oversee Privileged Access Management (PAM) and password management software, including user management and access controls.
Oversee SIEM System: Manage the Security Information and Event Management (SIEM) system and log management, including monitoring and analyzing logs to respond to security incidents.
Manage Security Education: Manage the security education and awareness program using tools like KnowBe4 to conduct simulated phishing attacks and deliver training.
Support Disaster Recovery: Participate in developing and implementing disaster recovery strategies, including planning, testing, and updating procedures.
Vendor and Asset Management: Assist with product procurement, inventory management, and accurate asset accounting.
Problem-Solving: Perform problem-solving and analysis, including incident and problem management and root cause analysis.
Manage Projects and Priorities: Utilize project management and change management practices to manage work and priorities.
Planning and Reporting: Participate in work planning activities and provide status reports.
Continue Learning: Stay current with technology, industry standards, and best practices for Cyber Security engineering by proactively attending training, classes, events, webinars, and reading industry publications to maintain or develop skills.
On-Call Duties: Be available for regular, periodic on-call duties and work beyond standard hours, including evenings, weekends, and holidays, to address critical issues and system upgrades.
Additional Duties: Complete other tasks and projects as assigned by IT Department leadership.
Minimum Qualifications:
Education, Experience and Training:
5 (Five) years' experience supporting information technology systems as a subject matter expert across two or more technology layers (application, server, networks, etc.) with three years specifically in cyber security, required.
A bachelor's degree in Information Systems, Computer Science, or a related field is desired. An industry-standard license or certification such as CEH, OSCP, CISSP, or CISM is desired, OR any equivalent combination of education, experience, and/or training sufficient to demonstrate the required knowledge, skills, and abilities is acceptable.
General knowledge of Information Technology industry and best practices and expertise in cyber security.
Preferred Qualifications:
Certifications such as: CEH, CISSP, CISM, GIAC, ITIL, Security+
Working knowledge of:
Vulnerability management
Compliance frameworks and auditing
Anti-Virus or EDR / XDR tool management
SIEM platform and log management
Multi-factor authentication platform management
Firewalls
IDS/IPS
Proxies
Virtualization
Networking
Scripting
BCDR methods and products