information security engineering

Hi,

Job Title: Information Security Engineer

Shift – NIGHT shift

Experience – 5+ Yrs -12 Yrs (Technical Person)

NP- immediate, who can join by this week or max by Monday.

Mandatory Skills : - Cyberark with PAM (Along with Alero /WPM /EPM)

Secondary Skills : - Crowdstrike / information security (Vulnerability).

Interview mode :-

First interview – AI

Final – with client

SUMMARY: The Information Security Engineer is responsible for daily operational support and reporting within an enterprise's information security & compliance environment. The main purpose of this position is to assist the Information Security Team in daily operations, service desk tickets, technical issue resolution and periodic reporting.

RESPONSIBILITIES: To perform this job successfully an individual must be able to perform each duty satisfactorily. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

●       Perform daily security systems health checks

●       Ensure that daily operational dashboards are updated

●       Monitor the Information Security Service Desk Tickets Queue, perform initial investigation, gather requirements and appropriately assign tickets to team members.

●       Perform level 1 troubleshooting for issues reported by end users

●       Perform software validations for all new software acquisitions, installs and updates using tools provided by the company.

●       Perform CSA assessments of the IT assets using CSA benchmarking tools

●       Create appropriate change requests and follow through the change management process for implementing new changes

●       Assist in privileged access review process and follow through the daily changes of access control

●       Monitors the alerts received from SIEM and EDR solution (CrowdStrike)

●       Track and update the vulnerability dashboards

●       Track and update the vulnerability assessment of company assets and perform remedial actions.

●       Coordinate Critical Incident Response Review process for Security and Compliance Team.

●       Document new processes and workflows created by Security and Compliance Team

●       Participate in weekly operational meetings.

●       Prepare weekly monthly and quarterly KPI reports.

●       Maintain a complete set of Information security & compliance policies to meet regulatory requirements and withstand audits.

●       Assists IT staff in the resolution of reported security incidents.

●       Participate in periodic penetration testing. Review outcome of the penetration testing and follow up on remedial actions.

●       Participates in security investigations and compliance reviews, as requested by internal or external auditors.

●       Participate in special projects as required.

●       Maintains current knowledge of relevant technologies as assigned.

QUALIFICATIONS:The requirements listed are representative of the knowledge, skill, and/or ability required.

Required:  

●       Bachelor's degree in information technology

●       Minimum 5 years of IT industry experience

●       Minimum Two years of experience in Information security & compliance operations

●       Experience in CyberArk Privilege Access Management and CyberArk Endpoint Privilege Manager.

●       Experience in Crowdstrike Falcon Endpoint Protection

●       Experience in Crowdstrike Falcon Identity Protection

●       Proven understanding of MITRE framework

●       Proven track record of working with ITIL framework

●       Excelled network security architecture skills

●       Experience with systems security threats and events

●       Experience with Networking components and server infrastructure

●       Self-starting, eager to learn and master new responsibilities

●       Experience with Proxy and Identity management systems

●       Vulnerability management program experience

●       Bachelor's degree in information systems or equivalent work experience

●       CompTIA Security+ or Industry-standard information security certification

●       Experience working in a collaborative team environment

●       Strong written and verbal communication skills

Abilities/Skills:

●       Candidate must have proven record of previous working experience with ITIL framework, team collaboration and participation in projects that span cross functional teams.

●       Networking certification such as Cisco CCNA will be highly desired

●       Experience with common information security & compliance management frameworks, such as ITIL, NIST, SOC2, COBIT and ISO 2700x,

●       Basic understanding of business applications and financial systems.

●       Strong analytical skills to analyze security requirements and relate them to appropriate security controls.

●       Excellent technical knowledge of a wide range of security technologies, such as Security information & event management, network security, identity management, and access management (IAM) systems, anti-malware solutions, automated policy compliance tools, and desktop security tools.

●       Experience in developing, documenting, and maintaining security & compliance policies, processes, procedures, and standards.

●       Knowledge of network infrastructure, including routers, switches, firewalls, and the associated network protocols and concepts.

●       Project management experience is preferred.

ORGANIZATION RELATIONSHIPS:

Has the ability to work with all levels of the business or external customers/suppliers involved in the projects. Is dedicated to meeting the expectations and requirements of internal and external customers; gets first-hand customer information and uses it for improvements in products and services; talks and acts with customers in mind; establishes and maintains effective relationships with customers and gains their trust and respect.

SUPERVISORY RESPONSIBILITIES:

No supervision is anticipated

EDUCATION AND/OR EXPERIENCE:

Required:  Bachelor's degree, preferably in Computer Science or Information Systems or a related field or the equivalent combination of education and experience.   

LANGUAGE SKILLS:

Required: English. Ability to read, analyze and interpret requirements documents, industry periodicals, professional journals, technical procedures, or government regulations. Ability to write reports, business correspondence, and procedure manuals. Ability to effectively present information and respond to questions from groups of managers, clients, customers, or suppliers.