information security engineer

information security engineer

Our client in the finance industry is looking for an information security engineer to join their team.

Responsibilities :

  • Research new threats and attack vectors to implement countermeasures
  • Update administrative and technical controls to adjust the security posture
  • Conduct configuration and system audits for adherence to best practices
  • Align security frameworks based on industry standards and contribute towards risk scoring valuations and provide potential remediations to minimize business risks
  • Work with IT & Architecture teams to determine and develop infrastructure architectural solutions by conducting business reviews, documenting current systems, and developing recommendations from a security standpoint
  • Assist in design and implementation of resilient Information Security infrastructures
  • Ensure complete, secure and reliable log collection for Threat and Vulnerability Management
  • Take ownership to manage and lead cyber security and incident management
  • Manage Endpoint protection, Encryption and Certificate management
  • Provide visibility via monitoring tools using security analytics with an intelligence-based approach
  • Review and Analyze Security Logs for anomalies and take corrective & preventative actions as a proactive measure
  • Keep abreast of technology advances especially security related matters across all enterprise Domains
  • Utilize tools and best practices for potential implementation and/or infrastructure changes to conduct penetration testing and vulnerability assessments
 
 

Requirements : 

  • 3+ years of relevant enterprise experience within core security domains
  • Strong knowledge of security mitigation methodologies and infrastructure hardening
  • Understanding of security management frameworks such as ISO 27001
  • Strong commitment and enforcement of security policies and procedures lifecycle
  • Excellent internal communication skills and demonstrated ability to express
  • CEH or OSCP is highly required
  • Current Information Security Certification such as. CISA, CISM or equivalent preferred, or ability to acquire one within the probation period
  • Technical background on networking capabilities such as routing, switching, firewalls, VPNs, IDS/IPS and other security devices
  • Conducting vulnerability analysis and assessments across multiple environments
  • Experience with regulatory compliance from an infrastructure level, both from a perimeter
  • & internal network segments
  • Documentation of computer security controls and measures within the entire ecosystem
  • Experience with shells scripting and system automation at enterprise level
  • Acting as a technical resource for projects that arise from current business needs to technological developments
  • Leading phishing exercises & security threats on a regular cadence
  • Degree in computer science is considered an asset