The Security Engineer performs responsibilities on engineering project teams, provides subject matter expertise for Information Security (consulting to technical and non-technical management and the user community), and performs key risk and vulnerability management functions within Information Security.
Summary of Duties:
Serve as a subject matter expert for Information Security, consulting to technical management (serving on project teams, discussing application and systems architectures, etc.), non-technical management (educating the user community on information security) and attorneys (e.g., litigation-related technical education) as necessary.
Assess and triage information on existing and emerging threats, including software vulnerabilities. Work with all areas of IT to ensure system vulnerabilities are addressed and remediated effectively and efficiently.
Leverage, administer and support security technologies owned by the team.
Effectively perform risk assessments for IT projects, technologies and third parties (e.g., vendors and service providers). Coordinate with IT teams in delivering recommendations and following up on action items.
Maintain, manage and monitor compliance with ISO 27001, regulatory/legal requirements and client requirements.
Assist in coordination of the Security Awareness program, including development of awareness content, scheduling of awareness activities and measuring progress of the program.
Participate in long-term strategy and planning for Information Security.
Respond to IT Security questionnaires from current and prospective clients and business partners.
Assist in development and maintenance of security policies, standards, processes and guidelines for approval by Firm management. Evaluate exception requests and make approval recommendations to management.
Qualifications & Requirements
Three years of professional experience, including 2 years working in the area of risk management, governance, IT security and/or compliance.
Familiarity with Security frameworks and regulations: ISO 27001, NIST, etc.
A strong candidate will have one or more of the following certifications:
o Certified Information Systems Security Professional (CISSP) or Certified Information Security Auditor (CISA). CISSP Associate will be considered.
o Various vendor-specific certifications relevant to one or more Specific Technologies listed at the end of this description.
Employment Type: Permanent
Work Hours: Full Time
Pay: $90,000 to $115,000 USD
Pay Period: Annual
Other Pay Info: Bonus