IT Security Engineer

The Information Security Engineer will provide accurate and timely monitoring and reporting of systems and potential risks related to the company. This position will assist in the design and implementation of the company's cybersecurity solutions ensuring digital assets are protected from unauthorized access. Perform regular security audits of information systems and develop corrective action plans. Expected to maintain and update information security processes, procedures training programs, and documentation, while providing information security expertise to reduce risk and ensure appropriate levels of data confidentiality, integrity, and availability.

Essential Duties and Responsibilities :

• Nothing in this job description restricts management's right to assign or reassign duties and responsibilities to this job at any time.
• Focus on preventing IT-based crime, hacking, intentional or inadvertent modification, disclosure, or destruction to an organization's information systems and IT assets and intellectual property.
• ssist with the evaluation, development, implementation, monitoring, and maintenance of client information security policies, solutions, procedures, standards, and guidelines.
• Develop and oversee vulnerability management program.
• dminister and enhance an ongoing risk assessment program, provide recommendations for improved security design
• Daily administration of information security systems that includes firewalls, spam filtering, URL filtering, endpoint security, IPS, data governance, Identity management, syslog server infrastructure and other perimeter and endpoint security systems.
• Designing, testing, and implementing secure operating systems, networks, and databases.
• Conduct risk audits and assessments, providing recommendations for improved security design.
• Implement and oversee identity management systems to meet specific security needs and complex compliance standards.
• Work with the Security Operation Center to maintain rules and alerts within the SIEM as well as be an escalation point to said alerts.
• Evaluate and report on potential risks and threats to Information and data systems. Participate in threat hunting and work on remediation efforts.
• Support, maintain and ensure client policy alignment with NIST 2.0 Framework.
• Evaluate and improve information system and security controls related to applications, business processes, change control, data center operations, and incident management processes.
• Reviews existing security architecture, identify and analyze design gaps, and recommends security enhancements.
• Remains current on emerging security threats and design security architecture to mitigate.
• Ensures alignment between security architecture frameworks and standards and overall business strategy.
• Serves as an information security expert and trusted advisor to partners in IT and the business.
• ssist with the design of security architecture compliance on requirements, including but not limited to : Sarbanes-Oxley, payment card industry standards, HIPAA / HITECH, global data privacy requirements, as well as state and federal regulations.
• Manage content for the security awareness training program for employees and authorized users. Provide additional training when needed.
• ctively participate in defining security requirements for information technology projects, conduct and direct research into IT issues and products.
• Keen attention to detail with proven analytical, evaluative, and problem-solving abilities.
• Manage, support and administer Endpoint Security Products.
• Perform any other tasks / duties as assigned by management.

Education Requirements and Qualifications :