Information Security & Risk Engineer
Description:
JOB SUMMARY
The Information Security and Risk Engineer role leads collaboration, design, development, and
implementation of enterprise information security architectures, solutions, and policies. Role
may focus on technical or administrative aspects of security or encompass a mixture of both.
Information Security and Risk develops, implements, and enforces security controls to protect
the organization's technology assets from intentional or inadvertent modification, disclosure, or
destruction. This job family develops system back-up and disaster recovery plans. Information
Technology also conducts incident response, threat management, vulnerability scanning, virus
management and intrusion detection and completes risk assessments.
ESSENTIAL DUTIES & RESPONSIBILITIES
Applies comprehensive knowledge and a thorough understanding of concepts, principles, and technical capabilities to perform varied tasks and projects.
Contribute to the development of policies and procedures.
Develops technical solutions to a wide range of difficult problems. Solutions are innovative and consistent with organization objectives
Completes work independently receives general guidance on new projects
Work reviewed for purpose of meeting objectives
Serve as an information security expert, helping project teams comply with enterprise and IT security policies, regulations, and recommend strategic solutions. Recommend mitigation steps to reduce business impact of emerging information security threats and vulnerabilities
Seek opportunities to research, design, and advocate new technologies, architectures, products, policies, processes or procedures that will support security requirements for Outcomes, business partners, and vendors
Ensure accurate and timely reporting; prepare specialized and ad hoc reports
May act as a mentor to less experienced colleagues
KNOWLEDGE & REQUIREMENTS
• Familiarity with information security concepts, relevant tools and standards
• Knowledge of Microsoft Office Suite, Excel skills
• Knowledge of information security principles related to Confidentiality and Integrity, Availability
(CIA)
• Demonstrated experience with systems and data query tools
• Demonstrated team performance skills, service mindset approach, and the ability to act as a
trusted advisor
EDUCATION & EXPERIENCE REQUIREMENTS
• Minimum years of work experience: 5 years Information Technology sector experience or
equivalent
• Minimum level of education or education/experience: Bachelors or equivalent work experience
in computer science, information technology, or a related field
• One or more Information Security Certifications preferred: CISSP, CSSLP, CISM, CCSP, GSLC, GSEC,
CISA, SSCP, Security+ or other