Senior Information Security Engineer

JOB DESCRIPTION

Job Title:                               Sr. Information Security Engineer

Department:                         Information Technology

Reports To:                           Director, Information Security

FLSA Status:                          Exempt 

Effective Date:                      March 2021

Position Summary

The Sr. Information Security Engineer is an exceptional role within Information Security at APCO. S/he will serve as an SME for security event management, technologies, and threat hunting. The ideal candidate will leverage their security background and experience to mitigate risks and improve the company overall security posture. S/he will work closely with IT teams to implement security technologies in support of the APCO security program and strategy. S/he will possess strong technical skillsets, problem-solving skills, a high level of accountability and responsibility, and the proven ability to execute and deliver security projects. 

Essential Duties and Responsibilities 

• Security event monitoring and analysis, and threat hunting, 
• Plan, implement and manage security technologies, including SIEM, Cisco IDS, anti-virus, application and network vulnerability management system, any other security technologies as needed.
• Interact and collaborate across the company to assist with identifying security gaps and needs. 
• Maintain knowledge of current and emerging security vulnerabilities, exploits, compliance, and technical development and effectively communicate security best practices.
• Investigate, research, and analyze security-related suspicious activities.
• Experience with planning, researching, and developing security policies, standards, and procedures.
• Effectively communicate security events or concerns to peers and management.
• Respond and investigate security incidents. 
• Perform other security duties as needed or assigned.

Qualifications/Desired Skills & Abilities

• Strong understanding and experience with securing network security, application security, and Azure cloud infrastructure.
• Strong technical troubleshooting capability.
• Experienced with security incident response.
• Knowledge of disaster recovery, security forensic tools, technologies, and methods.
• Linux knowledge desirable.

• Must be highly motivated and engaging.
• Must have analytical and problem-solving outlook.
• Must have attention to detail, integrity, and conscientious work ethic.

• Outstanding time management and organization skills.
• Professional demeanor with superior oral and written communication skills.

Education and Experience

• Bachelor’s Degree in Information Security or similar discipline, or equivalent experience
• Awareness of NYCRR, CCPA, and PCI compliances
• Must have CISSP or GIAC certification 

Benefits include:

• Medical & prescription coverage
• Dental
• 401(k) 
• Employee Assistance Program
• Employee discounts 
• Paid-time-off
• Company paid benefits:
  • vision coverage for you and your dependents, basic life insurance, short-term disability & long-term disability 

This job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Employee signature below constitutes employee's understanding of the responsibilities and the job qualifications of the position.

 
 
 
 __________________________________

Print Name

 __________________________________                                                                   ________________
 Employee Signature                                                                                                        Date