About the role...

The Information Security Engineer is responsible for planning, developing, implementing, and maintaining information security environment in alignment with industry standard practices, authoritative source guidance, and regulatory requirements. The ISE will have primary responsibility for several areas of information security, including, but not limited to: data security, security baselines, endpoint security, network security, security monitoring, threat intelligence, vulnerability management, Identity and Access Management (IAM), information security incident management, and resiliency. This position will work with the Associate Vice President, Information Technology to provide reporting to organizational leadership regarding the current status of the information security program.

This opportunity is remote within the continental United States.

You will...

• Design and implement information security architecture and solutions that meets the organization's needs for confidentiality, integrity, and availability of information and systems.
• Develop technical security projects to address identified information security risks and business information security requirements.
• Manage the process of gathering, analyzing and assessing the current and future threat landscape, as well as providing management with a realistic overview of risks and threats in the company's environment.
• Stay up-to-date with emerging security threats and vulnerabilities, and recommend appropriate countermeasures and security technologies.
• Integrate security requirements into system and network architecture.
• Participate in incident response and investigation activities and develop and maintain incident response plans.
• Participate in audits and assessments of the organization's security posture and ensure that any identified deficiencies are remediated in a timely and effective manner.
• Monitor and report on compliance with technical security policies.
• Communicate information security goals and new programs effectively to the Associate Vice President, Information Technology.
• Serve as a focal point of contact for the information security team.
• Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement.
• Implement and oversee technological upgrades, improvements and major changes to the information security environment.
• Monitor the external threat environment for emerging threats and advise relevant stakeholders on the appropriate courses of action.
• Work with the development teams to ensure that there is a convergence of business, technical and security requirements.
• Design, coordinate and oversee security testing procedures to verify the security of systems, networks and applications, and manage the remediation of identified risks.
• Manage and contain information security incidents and events to protect IT assets, intellectual property, regulated data and the organization's reputation.

You need...

• A Bachelor's degree in Computer Science, Information Security or equivalent work experience.
• 4-7 years of experience in Information Security, with a focus on security architecture.
• Professional security management certification or be able to achieve certification within 6 months, such as Certified Information Systems Security Professional (CISSP), CISSP Architecture Concentration (CISSP-ISSAP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), SANS Global Information Assurance Certification (GIAC), or other similar credentials.
• Strong knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.
• Excellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to convey information security concepts to technical and nontechnical audiences at various hierarchical levels.
• Experience in designing and implementing security solutions for enterprise-level organizations.
• Strong understanding of security technologies and protocols, including firewalls, intrusion detection/prevention systems, VPNs, encryption, and access control systems.
• Familiarity with regulatory requirements related to handling information, including SOX, HIPAA and Payment Card industry/Data Security Standard (PCI).
• Experience with vulnerability resolution best practices.
• Keep abreast of industry security trends and developments.
• Vendor relationship management – ensure that service levels and obligations are met.
• Excellent analytical skills, the ability to manage multiple projects under strict timelines.

We offer competitive compensation and excellent benefits:

• Medical, Dental and Vision Insurance
• 3 weeks of Vacation Time
• Up to 8 days of Sick Time
• Ability to work 100% remote! 
• Paid Holidays (11)
• Retirement Plan with a company match up to 5%
• Identity Protection
• Unlimited On-line Training thru Linkedinlearning.com