Back to Careers

Information Security Engineer

Location: 
Cambridge
Date Posted: 
02/28/2019
Employment Type: 
Direct Hire
Job ID: 
9877
Description: 

Information Security Engineer

What You’ll Do: 

  • Ability to fine-tune security rules and processes for efficient detection and mitigation
  • Develop and maintain security utilities and metrics dashboards that help team to track/report on compliance
  • Evaluate software security products and technologies, as required
  • Help plan and carry out an organization’s information security strategy. Developing a set of security standards and best practices for the organization and recommend security enhancements to management, as needed. 
  • Develop strategies to respond to and recover from a security breach. Information Security Engineers are also responsible for educating the workforce on information security through training and building awareness.
  • Implement, install and use software, such as firewalls and data encryption programs, to protect organizations’ sensitive information. 
  • Test for vulnerabilities. Conducting periodic scans of networks to find any vulnerabilities.
  • Coordinating penetration testing, in which an external third party would simulate an attack on the system to highlight or find any weaknesses that might be exploited by a malicious party.
  • Constantly monitor their organization’s networks and systems for security breaches or intrusions, via software notifications and identifying anomalous behavior.
  • Ability to respond to security incidents, to minimize the impact. Afterwards, executing technical and forensic investigation into how the breach happened and the extent of the damage. 

Who You Are: 

  • Ability to determine risk based on context
  • Ability to clearly articulate issues and communicate in an effective and personable manner
  • Ability to adjust quickly to the security needs of a highly agile organization
  • Knowledge of offensive and defensive IT security techniques
  • Knowledge of securing Mac, Windows, Linux & AWS environments
  • Skills in securing web applications
  • Ability to perform some level of forensic analysis
  • 2+ years of Information/Cyber Security Experience
  • BA or BS degree in Information Security, Cyber Security, Computer Science or other related degree
  • Knowledge of the following frameworks/compliance regimes; ISO, NIST, PCI, SOX, SSAE18, BSIMM and GDPR compliance
  • Knowledge of designing a comprehensive security programs for SaaS applications and Corporate environments including Vendor Security Assessments, Penetration Tests, Risk Management, Threat Intelligence, Vulnerability Management, Incident and Response, Security Training, Privacy and Compliance Programs
  • Direct experience with anti-virus software, intrusion detection, firewalls and content filtering
  • Knowledge of risk assessment tools, technologies and methods
  • Experience designing secure networks, systems and application architectures
  • Knowledge of disaster recovery, computer forensic tools, technologies and methods
  • Experience planning, researching and developing security policies, standards and procedures
  • Ability to communicate network security issues to peers and management
  • Ability to read and use the results of malicious code, and anti-virus software