The IT Security Engineer is responsible for analyzing information security systems and applications; recommends and develops security measures to protect information against unauthorized modification or loss; monitor, evaluate and maintain systems and procedures to safeguard internal information systems, network, databases, and web-based security. Conduct vulnerability assessments and monitor systems, network, databases and web for potential system breaches. May be assigned responsibility for internal or external systems security (i.e. cloud services) with oversight and/or assistance from the Corporate Team.
- Analyze security systems and seek improvements on a continuous basis. Inspect and review firewall, router and switch configurations to ensure compliance with best practices.
- Report possible threats or software issues as soon as identified.
- Research weaknesses and find ways to counter them.
- Find cost-effective solutions to cybersecurity problems.
- Understand software, hardware and internet needs while adjusting them according to our business environment.
- Develop best practices and security standards for the organization.
- Test company software, firmware and firewalls.
- Assist fellow employees with cybersecurity, software, hardware and IT needs.
- Research security trends, new methods and techniques used in unauthorized access of data in order to preemptively eliminate the possibility of system breach.
- Contribute to the annual review of policies and practices and assist in keeping policies current.
- Assist in reviewing configuration of Qualys, Network ACLs, Encryption and Anti-Virus systems, including monthly reports on scans to ensure cardholder data and systems are secure.
- Review and verify logging activity configurations are generating adequate coverage to ensure proper tracking, alerting and maintaining of logs to meet required standards.
- Verify file integrity monitoring tool is configured to monitor system/application executables and parameter files; verify logs are stored and alerts are set.
- Participate in industry/peer group/conferences as necessary to stay current with information, security trends and best practices.
- Complete assigned industry and/or job-related training as required.
- Communicate clearly and concisely, both orally and in writing.
- Multi-task and adhere to priorities and meet deadlines.
- Ability to work in a fast-paced, collaborative environment, drawing on the expertise of all team members to deliver projects.
- Good understanding of technical writing and documentation skills.
- An understanding of best practices and how to implement them at a business-wide level.
- Good understanding of assessing, utilizing, supporting and/or maintaining of logical and physical security architectures and technologies, including but not limited to firewalls, SIEM, VPN, antivirus, email, web, data, video, physical access control hardware and related operating systems and supporting software.
- Minimum of 4 years’ directly related experience or other transferrable technical experience.
- Bachelor’s degree in Information Systems, Computer Science or a related discipline preferred, or an equivalent amount of directly related work experience.
- One or more of the following certifications is highly desired:
- CompTIA Security +
- CompTIA Advanced Security Practitioner (CASP)
- GIAC Security Essentials (GSEC)
- Global Information Assurance Certification (GIAC)
- Systems Security Certified Practitioner (SSCP)
- Certified Information Systems Security Professional (CISSP)
This is a full-time position and candidate is highly preferred to be in a GMG Market: Detroit, Roanoke, Jacksonville, Orlando, Houston or San Antonio.
Travel: Less than 25% - travel expected.
To apply please e-mail resume to email@example.com with subject line “IT Security Engineer.” No calls will be accepted.
Any offer of employment is conditional upon the successful completion of a pre-employment drug screening, investigative background check, employment/education verifications and reference checks.
GMG is an Equal Opportunity Employer. In addition to complying with the requirements of federal law, GMG will comply with applicable state and local laws prohibiting employment discrimination.