Information Security Engineer

Overview

Information Security Engineer

The Information Security Engineer is a key technical resource within the organization on all matters relating to cyber security. The role is responsible for guiding the IT organization with security technology, standards and expert consulting in the secure deployment and maintenance of information assets.

Responsibilities

  • React to evolving threat conditions and advise technology teams on risk and threat remediation.
  • Work closely with development teams to implement and maintain a robust Security Development Lifecycle
  • Conduct information security architectural reviews for medium to high risk projects at a key project gates
  • Provide expert information security consulting to project teams needing guidance beyond the frameworks and standards
  • Design and drive the implementation and maintenance of appropriate layers of defense to protect the organization’s information assets
  • Identify and quantify the organization’s information risks and guide the organization in mitigating risk to an acceptable level
  • Help create an information security engaged and accountable culture within IT
  • Stay current on common and emerging attack vectors as well as the best tools and practices for thwarting them
  • Ensure all controls required for regulatory compliance are in place and working as expected
  • Conduct forensic investigations maintaining chain of custody as appropriate
  • Respond to information security incidents with expertise to quickly contain and eradicate the threat
  • Perform regular network and application vulnerability assessments and penetration testing
  • Ensure the Availability, Confidentiality, and Integrity of TravelClick systems and networks.

Qualifications

  • 5+ years of experience in advanced network design, implementation, and management
  • 5+ years of experience implementing network, systems, and application security
  • 3+ years of experience in Security Engineering, Security Risk Analysis, Policy, and Procedures
  • Requires extensive experience in network and information security with a proven track record of success. Must possess detailed experience implementing security policies and infrastructure in datacenter environment, cloud computing or multinational organization.
  • Strong experience and detailed technical knowledge in security engineering, secure application development lifecycle processes, authentication and security protocols, and cryptography
  • Strong understanding of IP addressing, subnetting, DNS, switching, VLANs, trunking, advanced routing protocols, TCP/IP ports and services, UDP, different levels of the OSI model, and exposure to common server operating systems
  • Software development experience a big plus

Options


Back to top