is assisting our client, a well-known and trusted Information Technology solutions company in their efforts to hire a Senior Information Security Engineer
to work in the Okemos, MI
What You Will Be Doing:
- Provide senior-level leadership and guidance in all areas relating to information security in order to align and establish information security architecture and strategy with business requirements.
- Leads and conducts audits of corporate information systems to ensure compliance with security policies, NIST security controls, PCI-DSS, and applicable state and federal laws and regulations.
- Identifies functionality requirements, and performs implementation and advanced security administration of tools (e.g. SIEM, vulnerability management, web application firewall).
- Trains and transitions day-to-day support of security tools to information security analysts.
- Establishes control-related standards and procedures and prepares project status reports for senior management.
- Designs and coordinates business resumption and recovery test and evaluation plans for security, in support of disaster recovery and business continuity plans.
- Identifies potential risk items and subsequent remediation of vulnerabilities in the environment.
- Supports day-to-day monitoring of logs and alerts from firewalls, log management, intrusion detection systems content filtering controls, etc.
- Performs forensic analysis and investigation of log alerts and malware.
- Provides advanced security analysis and guidance to the information security analyst and administrator team members.
- Provides advanced technical problem-solving in the configuration and utilization of all security-enabled applications, systems, and network devices.
- Provides advanced technical analysis of commercial and government customer requirements and controls.
What We Need From You:
- Position requires a bachelor's degree in information technology or a related field
- Seven years experience in information security or system administration.
- CISSP certification is required or the ability to obtain one within 12 months of employment. Will accept any suitable combination of education, training, or experience.
- The position requires advanced knowledge of information security principles and practices, intrusion detection systems, installation, configuration, monitoring and response to security systems, advanced security protocols and standards, software and security architectures, risk management, control techniques and frameworks, planning and project management, regulations, and laws
- Ability to lead teams
- Ability to collect and analyze complex data; use data extraction and analysis tools