Information Systems Security Engineer

As an Information System Security Engineer at a governmental company we are working with you will play a vital role in ensuring the security and integrity of our organization's information systems. Your primary responsibility will be to design, implement, and maintain security measures that protect the company's computer systems, networks, and data from unauthorized access, vulnerabilities, and cyber threats. You will work closely with cross-functional teams to identify potential risks, develop appropriate security solutions, and ensure compliance with industry standards and regulations.
Key Responsibilities:

1. Security Infrastructure Design and Implementation: Collaborate with system architects, network engineers, and software developers to design and implement secure information systems. This includes network segmentation, firewalls, intrusion detection/prevention systems, access controls, encryption, and other security technologies.
2. Vulnerability Assessment and Penetration Testing: Conduct regular vulnerability assessments and penetration tests to identify system weaknesses, vulnerabilities, and potential exploits. Analyze the results and provide recommendations for remediation.
3. Security Incident Response: Develop and implement incident response plans to effectively respond to and mitigate security incidents. Investigate and analyze security breaches, and recommend appropriate actions to prevent future incidents.
4. Security Policies and Procedures: Develop, review, and update security policies, standards, and procedures to ensure compliance with industry best practices and regulatory requirements. Communicate and enforce security policies across the organization.
5. Security Awareness and Training: Conduct security awareness campaigns and training sessions to educate employees on security best practices, potential threats, and risk mitigation strategies. Foster a security-conscious culture within the organization.
6. Security Monitoring and Auditing: Monitor systems, networks, and applications for security breaches or suspicious activities. Utilize security monitoring tools and perform regular audits to ensure compliance with security policies and standards.
7. Security Risk Assessment: Identify and assess potential risks to the organization's information systems and assets. Collaborate with stakeholders to prioritize risks and develop risk mitigation strategies.
8. Security Compliance: Stay up to date with industry trends, emerging threats, and regulatory requirements related to information security. Ensure compliance with applicable laws, regulations, and frameworks (e.g., GDPR, HIPAA, ISO 27001).

Qualifications:

• Bachelor's degree in Computer Science, Information Systems, or a related field. Relevant certifications (e.g., CISSP, CISM, CEH) are highly desirable.
• Proven experience as an Information System Security Engineer or in a similar role, with a strong focus on network and system security.
• In-depth knowledge of security principles, practices, technologies, and frameworks (e.g., NIST, CIS Controls).
• Proficiency in conducting vulnerability assessments, penetration testing, and incident response.
• Familiarity with security tools and technologies such as firewalls, IDS/IPS, SIEM, DLP, encryption, and authentication systems.
• Strong understanding of networking protocols, TCP/IP, and network architecture.
• Experience in designing and implementing security controls for cloud environments (e.g., AWS, Azure) is a plus.

Information Systems Security Engineer