Sr. Information Security Engineer

Responsibilities:  

The successful candidate will work with systems, applications, and solutions for AOTO’s enterprise-wide cyber systems and networks. This is a hands-on role that requires deep technical knowledge of systems, networks, and application security along with a solid understanding of enterprise-level security frameworks, policies, processes, and standards. The position requires strong critical thinking and analytical skills, attention to detail, and excellent oral and written communication skills. 

• Follow through the Incident Response lifecycle for assigned tickets/alerts  

• Work with systems engineers/administrators to facilitate remediation of tickets/alerts. 

• Work with SIEM systems to analyze security logs for event correlation 

• Interpret vulnerability scans and work with system owners to ensure remediation and compliance with Vulnerability Management policies.  

• Develop and implement new approaches and procedures regarding security measures that  comply with Judiciary and AOTO policies and guidelines. 

• Provide customers with incident response support, including mitigating actions to contain activity and facilitating forensics analysis when necessary 

• Report to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance 

• Work collaboratively with the information security team to identify, select, and implement technical controls 

• Assist in the coordination and completion of information security operations documentation (e.g. Work Instructions, SOPs) 

• Perform other duties as assigned. 

• Monitors and analyzes Intrusion Detection Systems (IDS) to identify security issues for remediation 

• Recognizes potential, successful, and unsuccessful intrusion attempts and compromises thorough reviews and analyses of relevant event detail and summary information 

• Evaluates firewall change requests and assesses organizational risk 

• Communicates alerts to agencies regarding intrusions and compromises to their network infrastructure, applications, and operating systems 

• Assists with implementation of countermeasures or mitigating controls 

• Develops, tests, and operates firewalls, intrusion detection systems, enterprise antivirus systems and software deployment tools 

• Safeguards the network against unauthorized infiltration, modification, destruction, or disclosure 

• Researches, evaluates, tests, and implements new security software or devices 

• Conducts investigations of information systems security violations and incidents, reporting as necessary to management 

• Implements, enforces, communicates, and develops security policies or plans for data, software applications, hardware, telecommunications, and information systems security education/awareness programs 

• Performs periodic and on-demand system audits and vulnerability assessments, including user accounts, application access, file system and external Web integrity scans to determine compliance 

• Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration, or denial of access to information 

• Provides information assurance project management, technical security staff oversight, and development of mission-critical technical documents 

• Ensure compliance with regulations and privacy laws 

• Develops materials for computer security education/awareness programs 

• Responds to queries and requests for computer security information and reports 

• Provides recommendations to clients on information assurance engineering standards, implementation dependencies, and changing information assurance related technologies 

• Develops and improves processes and direction for projects 

• Provides information to management regarding the negative impact on the business caused by theft, destruction, alteration, or denial of access to information 

• May coach and provide guidance to less-experienced professionals 

• Recognized as a Subject Matter Expert in information security 

Qualifications:  

REQUIRED SKILLS: 

• At least 8 years total IT experience, with 2-5 years of experience as a security administrator, engineer, or analyst in an enterprise environment 

• Experience with Vulnerability Management Systems (e.g. Nessus) 

• Experience with Patch Management Systems (e.g. Quest/Dell Kace 1000) 

• Experience with Web-based threat protection (e.g., Websense) 

• Experience coordinating and overseeing the implementation of security patches. 

• Experience with remediation of security vulnerabilities. 

• Knowledge of the operating characteristics of various operating systems, e.g. Windows 7 and 10, Windows server 2008/2012/2016, iOS. 

• Knowledge of general management and auditing techniques for identifying problems, gathering and analyzing pertinent information, forming conclusions, developing solutions and implementing plans consistent with management goals. 

• Plan, manage and provide guidance pertaining to IT Security to include all phases of computer security (i.e., hardware, software, and telecommunications equipment, installation and evaluation). Work frequently requires the candidate to be involved in diverse projects simultaneously, several of which may have equally high priority. 

• Excellent oral and written communications skills. Interaction and information gathering with coworkers and customers. 

EDUCATAION/CERTIFICATIONS: 

• BA/BSc, 8+ years of experience

• Industry leading certifications relating to IT security (CISSP, GIAC, etc.). preferred, or Security+ with enough skills/experience to complement.