Security Engineer

Description

• Responds to and, where appropriate, resolve or escalate reported security incidents.
• Monitors system logs, SIEM tools, hunts for exploits, and network traffic for unusual or suspicious activity.
• Interpret such activity and make recommendations for resolution.
• Investigate and resolve security violations by providing postmortem analysis to illuminate the issues and possible solutions.
• Monitors internal control systems to ensure that appropriate information access levels and security clearances are maintained.
• Working knowledge of compliance standards such as, NIST, ISO27001, HIPAA, HiTRUST and FedRAMP.
• Working experience with various security tools to locate and repair security problems, exploits, incidents, or failures.
• Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management.
• Experience with NESSUS in a complex network environment.
• Experience with a variety of security tools and software.
• Working experience on regulatory compliance drivers such as NIST CSF and NIST.

All employees have the following security and privacy responsibilities:

• Complete required security and privacy training timely.
• Abide by all corporate security and privacy policies.
• Report all suspected incidents to the Security & Risk Team promptly.
• Safeguard all company assets and credentials in their possession.
• Safeguard all sensitive personally identifiable information[1] must be protected and used only for business purposes.