InfoSec Engineer

Job Summary:  

The Information Security Engineer is responsible for planning, designing, and building security architectures, overseeing the implementation of network and computer security, and ensuring compliance with corporate cybersecurity policies. They monitor cybersecurity requirements for various network types and devices, perform security assessments through testing and risk analysis, configure firewalls and intrusion detection systems, and apply software patches to remove vulnerabilities. Additionally, they respond promptly to cybersecurity incidents, conducting thorough post-event analysis and forensic investigations when necessary. 

Responsibilities: 

• Suggest improvements to existing processes/systems effectively. 

• Understand the Clearwater System well. 

• Apply working knowledge and skills in automation, scripting, and code security. Can conduct secure code reviews and/or threat model architecture. 

• Professionally apply information security, compliance, assurance, or other security practices and principles. 

• Stay updated on evolving threats and security vulnerabilities. 

• Provide troubleshooting for all systems and processes they are responsible for. 

• Assess risk based on a given risk assessment framework. 

• Resolve all but the most complex operational issues without escalation. 

• Present solutions when presented with problems. 

• Actively seek opportunities to improve key systems without daily direction. 

• Assist in organizing groups and coordinating projects or issue resolution. 

• Contribute to defining, documenting, and evolving best practices for system installation, configuration, troubleshooting, and monitoring. 

• Go beyond basic requirements to support their own team and others. 

• Approach distributed system debugging, incident response, and reverse-engineering tasks positively and without assigning blame. 

• Identify significant gaps in security and tooling functionality that will drive system improvement. 

• Take on assignments, projects, or problems and lead and implement solutions to completion effectively. 

Required Skills:  

• Understanding of security best practices and how to implement them at an enterprise level. 

• Basic coding skills – SQL, Python, and other scripting languages. 

• Understanding of common Information Security concepts, practices, and procedures. 

• Understanding of vulnerability analysis, penetration testing, encryption technologies, intrusion detection, incident response. 

• Ability to prioritize work. 

• Strong computer skills, including proficiency in Microsoft Office.  

• Excellent attention to detail and strong documentation skills.  

• Outstanding verbal and written communication skills.  

• Strong organizational and interpersonal skills. 

• Exceptional problem-solving abilities. 

 
Education & Experience:  

• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related area of study. 

• 4+ years of relevant experience. 

• Industry certifications in cyber security incident management preferred. 

• Experience in analyzing network and system logs. 

• Experience in Network Security or Application Security.