Information Security & Risk Engineer

JOB SUMMARY

The Information Security and Risk Engineer role leads collaboration, design, development, and

implementation of enterprise information security architectures, solutions, and policies. Role

may focus on technical or administrative aspects of security or encompass a mixture of both.

Information Security and Risk develops, implements, and enforces security controls to protect

the organization's technology assets from intentional or inadvertent modification, disclosure, or

destruction. This job family develops system back-up and disaster recovery plans. Information

Technology also conducts incident response, threat management, vulnerability scanning, virus

management and intrusion detection and completes risk assessments.

ESSENTIAL DUTIES & RESPONSIBILITIES

• Applies comprehensive knowledge and a thorough understanding of concepts, principles, and technical capabilities to perform varied tasks and projects.
• Contribute to the development of policies and procedures.
• Develops technical solutions to a wide range of difficult problems. Solutions are innovative and consistent with organization objectives
• Completes work independently receives general guidance on new projects
• Work reviewed for purpose of meeting objectives
• Serve as an information security expert, helping project teams comply with enterprise and IT security policies, regulations, and recommend strategic solutions. Recommend mitigation steps to reduce business impact of emerging information security threats and vulnerabilities
• Seek opportunities to research, design, and advocate new technologies, architectures, products, policies, processes or procedures that will support security requirements for Outcomes, business partners, and vendors
• Ensure accurate and timely reporting; prepare specialized and ad hoc reports
• May act as a mentor to less experienced colleagues

KNOWLEDGE & REQUIREMENTS

• Familiarity with information security concepts, relevant tools and standards

• Knowledge of Microsoft Office Suite, Excel skills

• Knowledge of information security principles related to Confidentiality and Integrity, Availability

(CIA)

• Demonstrated experience with systems and data query tools

• Demonstrated team performance skills, service mindset approach, and the ability to act as a

trusted advisor

EDUCATION & EXPERIENCE REQUIREMENTS

• Minimum years of work experience: 5 years Information Technology sector experience or

equivalent

• Minimum level of education or education/experience: Bachelors or equivalent work experience

in computer science, information technology, or a related field

• One or more Information Security Certifications preferred: CISSP, CSSLP, CISM, CCSP, GSLC, GSEC,

CISA, SSCP, Security+ or other