Under general direction, responsible for planning, implementation, and hands-on maintenance of enterprise operational defenses against security breaches and vulnerabilities. This individual is additionally responsible for maintaining and extending the existing suite of defenses, and for creating and maintaining Information Security policies, standards, and procedures in concurrence with industry best practices. NICE manages both public (AWS, Azure, etc.) and private (Data Center) clouds, and this position is responsible for the security of both types. The Information Security Engineer also participates as a member of the Computer Incident Response Team (CIRT) to identify and resolve potential security incidents. The ideal candidate will be self-motivated with a proven track record in Information Security technologies and be comfortable in the dynamic atmosphere of a technical organization.
Primary responsibilities include, but are not limited to, the following:
- Participate as a member of the Information Security team in developing and maintaining the organization's security strategies.
- Manage Information Security systems, which include, but are not limited to: Centralized Logging, Intrusion Detection and Prevention, Firewalls, DLP, VPN, Vulnerability Testing, Penetration Testing, Encryption and Key Management, and Physical Security.
- Perform event/alert review and investigation from all collected systems and architectures, including but not limited to the following types: Windows and Unix operating systems, IDS, VPN, DLP, Firewalls, Web Applications, Anti-Virus, and File Integrity Monitoring.
- Identify, create and maintain security-related documentation and tools.
- Maintain ongoing knowledge of Information Security technologies.
- Maintain and ensure confidentiality of company, client, and employee data.
- Attend and participate in staff, project and vendor meetings.
- Attend and participate in after-hours and weekend maintenance as necessary.
- Participate in Incident Response investigations as a member of the CIRT.
REQUIRED EXPERIENCE AND ABILITIES
- Minimum of 2 years of experience in Information Security or an information technology field.
- Experience with writing and maintaining tools in the PowerShell, Bash, Python, and Ruby scripting languages.
- Experience with Windows Server, Linux/Unix and/or network device administration.
- Understanding of systems integration, web-based applications, and cloud-based technologies and architectures.
- Understanding of application design and development from business requirements analysis through to day-to-day management.
- Exceptional analytical and problem-solving abilities.
- Highly responsible, motivated team player.
- Ability to set and manage priorities judiciously.
- Excellent communication and interpersonal skills.
- Expert attention to detail.
- Ability to produce clean, concise diagrams and documentation.
NICE TO HAVES
- Knowledge of ISO 27001/2, PCI-DSS, HIPAA, GDPR, or other Information Security rules and regulations.
- GCIH or similar industry-standard security incident handling certification, or the willingness and ability to obtain one within 12 months.
- Experience with Amazon Web Services (AWS), Azure, Kubernetes, and similar cloud technologies.
- Experience working within the Agile framework and continuous delivery/continuous integration processes.
- Experience with enterprise security incident response, forensic investigation, and analysis.