Company Description:
BrookeLane Technologies is a leading managed IT service provider dedicated to delivering top-notch technology solutions to our diverse range of clients. We specialize in providing comprehensive IT services, including network management, cybersecurity, cloud solutions, and IT support. Our mission is to ensure our clients' IT infrastructure remains secure, efficient, and optimized for their business needs.
Job Description:
As an Information Security Engineer at BrookeLane, you will play a critical role in ensuring the security and integrity of our clients' IT systems and data. You will collaborate with our team of IT professionals to design, implement, and maintain robust security measures that protect against cyber threats and vulnerabilities. This role requires a deep understanding of cybersecurity best practices, industry standards, and regulatory compliance.
Responsibilities:
- Develop and implement security policies, procedures, and standards to safeguard IT systems and data.
- Conduct regular security assessments, penetration testing, and vulnerability scans to identify and address potential security risks.
- Monitor and analyze security incidents and breaches, and respond promptly to mitigate any impact.
- Design and implement access control mechanisms, including identity and access management (IAM) solutions.
- Configure and manage security technologies such as firewalls, intrusion detection/prevention systems (IDS/IPS), antivirus software, and encryption tools.
- Stay up-to-date with the latest cybersecurity trends, threats, and technologies, and provide recommendations for continuous improvement.
- Collaborate with internal teams and clients to assess security requirements, develop security solutions, and provide security-related guidance and support.
- Participate in incident response activities, including investigations, root cause analysis, and remediation efforts.
Requirements:
- Bachelor's degree in Computer Science, Information Technology, or related field (or equivalent work experience).
- Proven experience working in information security roles, with a focus on cybersecurity operations, incident response, and risk management.
- Strong knowledge of cybersecurity principles, best practices, and industry standards (e.g., SOC 2, NIST Cybersecurity Framework, NIST 800-53, GDPR, etc.).
- Experience with security tools such as SIEM (Security Information and Event Management), DLP (Data Loss Prevention), and endpoint security solutions.
- Familiarity with network security concepts, protocols, and technologies (e.g., TCP/IP, VPN, DNS, SSL/TLS).
- Certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or similar are highly desirable.
- Excellent analytical and problem-solving skills, with the ability to assess complex security issues and develop effective solutions.
- Strong communication and interpersonal skills, with the ability to collaborate effectively with technical and non-technical stakeholders.
- Ability to work independently, prioritize tasks, and manage multiple projects simultaneously.
- Commitment to maintaining confidentiality, integrity, and ethical standards in handling sensitive information and security incidents.
Benefits:
- Competitive salary based on experience and qualifications.
- Comprehensive benefits package, including health insurance, retirement plans, and paid time off.
- Opportunities for professional development and certification.
- Collaborative and supportive work environment with a focus on teamwork and innovation.
- Chance to work with a diverse range of clients and industries, gaining valuable experience in the dynamic field of cybersecurity.