Gravity IT Resources
Job title: Information Security Engineer
Time Zone: EST Time Zone
Duration: Full Time
Work Authorization: USC/Green Card Holder
The Information Security Engineer works closely with the IT Service Management Team and Information Security Team to help develop and maintain our client's Security Program. The incumbent will use their knowledge and experience to build, use and maintain Information Security systems and tools to strengthen the organization’s security posture and protect its users, data and information systems. This role will also work with other departments to help educate and train them on security policies and practices.
- Helps implement, assess, and deploy security solutions and products
- Supports all Information Security cloud and on-premises systems and tools, troubleshooting and resolution of issues
- Supports SIEM implementation and operations, including log ingestion, alert creation and analysis, system tuning, and monitoring
- Monitors security systems and analyzes potential threats and vulnerabilities
- Assists with incident response and root cause analysis activities
- Works with other teams to assist in resolution of security issues and vulnerabilities with systems/processes they control by providing guidance for securing information systems and validating remediation efforts
- Acts as primary escalation point for questions and concerns regarding any information security related topics from users
- Assists with implementation of new Information Security controls, policies, and procedures
- Assists with maintenance of secure baseline configurations
- Updates Information Security Program documentation and policies as needed
- Performs other duties as assigned
Work Environment and Physical Demands:
- Remote, standard office, or data center environment.
- Travel to branch offices and data centers may be required.
- Core business hours are Monday through Friday from 8:00am – 5:00pm. Occasional evenings and weekends may be required.
- Ability to lift and move equipment weighing up to fifty pounds (50 lbs.).
- Minimum of three years of experience in Information Technology
- Background with Windows operating system platforms
- Technical knowledge of networking systems, protocols and standards
- Experience in threat detection development including knowledge and understanding of various logging formats and source data
- Knowledge and understanding of various types of security attacks, techniques, threats and adversaries
- Incident handling/incident response/security analytics skills
- Understanding of security concepts, design and their implementation
- Ability to work easily with diverse and dynamic teams
- Self-motivated, able to follow instructions and work independently
- Strong attention to detail and organizational skills
- Analytical and problem-solving skills
- Ability to adapt to the demands of a fluid and changing environment
- Strong oral and written communication skills
- Desire, willingness and ability to learn new skills
- Associate's degree in computer science or equivalent experience.
- Experience with commercial and open-source security applications and technologies (e.g., malware prevention, MFA, DLP, IDS/IPS, cryptography, vulnerability scanning/management)
- Ability to read, write and understand multiple programming languages.
- Experience with securing cloud environments
- Knowledge of security frameworks such as NIST Cyber Security Framework (CSF), Center for Internet Security (CIS) controls and implementation, and MITRE ATT&CK Framework
- Cybersecurity certifications, current or expired (CISSP, CISA, CISM, Security+, CEH, GSEC, SSCP, CASP, GCIH, OSCP, and similar).
Cybersecurity Tool Familiarity:
- Burp Suite (PortSwigger) Enterprise and Pro
- Cisco Umbrella
- Rapid7 InsightVM
- Rapid7 InsightIDR