Information Security & Risk Engineer

Description

JOB SUMMARY

The Information Security and Risk Engineer role leads collaboration, design, development, and implementation of enterprise information security architectures, solutions, and policies. Role may focus on technical or administrative aspects of security or encompass a mixture of both.

Information Security and Risk develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans. Information Technology also conducts incident response, threat management, vulnerability scanning, virus management and intrusion detection and completes risk assessments.

Essential Duties & Responsibilities

• Applies comprehensive knowledge and a thorough understanding of concepts, principles, and technical capabilities to perform varied tasks and projects.
• Contribute to the development of policies and procedures.
• Develops technical solutions to a wide range of difficult problems. Solutions are innovative and consistent with organization objectives
• Completes work independently receives general guidance on new projects. Work reviewed for purpose of meeting objectives.
• Serve as an information security expert, helping project teams comply with enterprise and IT security policies, regulations, and recommend strategic solutions. Recommend mitigation steps to reduce business impact of emerging information security threats and vulnerabilities
• Seek opportunities to research, design, and advocate new technologies, architectures, products, policies, processes or procedures that will support security requirements for Outcomes, business partners, and vendors
• Ensure accurate and timely reporting; prepare specialized and ad hoc reports
• May act as a mentor to less experienced colleagues
• Travel Requirements: Domestic and/or International, up to 15%
  
  

Qualifications

KNOWLEDGE & REQUIREMENTS

• Familiarity with information security concepts, relevant tools and standards
• Knowledge of Microsoft Office Suite, Excel skills
• Knowledge of information security principles related to Confidentiality and Integrity, Availability (CIA)
• Demonstrated experience with systems and data query tools
• Demonstrated team performance skills, service mindset approach, and the ability to act as a trusted advisor
  
  

Education & Experience Requirements

• Minimum years of work experience: 5 years Information Technology sector experience or equivalent
• Minimum level of education or education/experience: Bachelors or equivalent work experience in computer science, information technology, or a related field
• One or more Information Security Certifications preferred: CISSP, CSSLP, CISM, CCSP, GSLC, GSEC, CISA, SSCP, Security+ or other.
  
  

Physical Requirements

• Frequent sitting in stationary position at a desk
• Occasional standing, walking, stooping, kneeling, squatting, and climbing stairs
• Occasional twisting of body
• Occasional reaching by extending hands and arms in any direction
• Occasional lifting, pulling, or pushing