Information Security Engineer II
First Command Financial Services, Fort Worth, TX, United States
Job Description
How will this role impact First Command?
As an Information Security Engineer, you will help protect the organization's data, networks, and systems from cyber threats. You will support the design, implementation, and continuous improvement of security controls, and monitor for suspicious activity to help detect, investigate, and respond to security events. You will partner with IT and business stakeholders to strengthen security practices, reduce risk, and support security initiatives.
What will the employee do in this role?
Monitor areas of responsibility to prevent, detect, and investigate security alerts
Assist in reviewing and improving annual security initiatives and areas of focus
Coordinate, facilitate, and maintain the schedule for access reviews
Provide security guidance and troubleshoot security issues as required
Manage and improve information security documentation as required
Deliver appropriate and accurate metrics to management
Participate as a key member of the Information Security team by supporting operational security initiatives and cross-functional risk reduction efforts
Stay up to date on new information technologies and apply innovations to the company's security standards and best practices
Collaborate with team members and other business functions, business partners, management, vendors, and external parties for information gathering and best practice recommendations
Conduct security reviews, evaluations, and risk assessments, and develop recommendations for improvements as appropriate
What skills & qualifications do you need?
Education
Hold a bachelor's degree in computer science, Information Technology, or an engineering-related field, or possess equivalent experience
Minimum of 3 years' background working in an IT Security capacity
Knowledge of information security policy design
Proficiency in data loss prevention tools and techniques
Ability to conduct, interpret, and report on data loss prevention configuration alerts
Familiarity with vulnerability and penetration testing tools and techniques
Proficiency in conducting, interpreting, and reporting on vulnerability and penetration tests
Experience participating in security audits
Skill in monitoring for security events, evaluating, and responding where appropriate
Certifications
Minimum Required: CompTIA Security+
Additionally Preferred: CISSP, Microsoft Security Certifications (SC-200 - Security Operations Analyst Associate), CCSP, CCNA, and CCNP: Security
Required Knowledge, Skills and Abilities
Produce and maintain documentation and evidence with diligence
Working knowledge of ISO, NIST, and other information security standards, laws, and regulations
Strong analytical skills
Take initiative and demonstrate comfort with self-directed learning on industry risks and changes
Perform risk analysis and provide recommendations to mitigate risk
Communicate effectively in writing and verbally
Speak confidently when dealing with internal constituents
Identify problems, review related information, develop and evaluate options, and implement solutions
Build domain knowledge of our environment to understand long-term risk areas that may develop as systems evolve
Incorporate industry security standards into practical security operations, network operations, and application development practices
Familiarity with Privileged Access Management (PAM) tools and concepts
Knowledge of computer networking concepts and protocols, and network security
Working knowledge of the Agile Framework
#LI-NC1 #LI-HYBRID
How will this role impact First Command?
As an Information Security Engineer, you will help protect the organization's data, networks, and systems from cyber threats. You will support the design, implementation, and continuous improvement of security controls, and monitor for suspicious activity to help detect, investigate, and respond to security events. You will partner with IT and business stakeholders to strengthen security practices, reduce risk, and support security initiatives.
What will the employee do in this role?
Monitor areas of responsibility to prevent, detect, and investigate security alerts
Assist in reviewing and improving annual security initiatives and areas of focus
Coordinate, facilitate, and maintain the schedule for access reviews
Provide security guidance and troubleshoot security issues as required
Manage and improve information security documentation as required
Deliver appropriate and accurate metrics to management
Participate as a key member of the Information Security team by supporting operational security initiatives and cross-functional risk reduction efforts
Stay up to date on new information technologies and apply innovations to the company's security standards and best practices
Collaborate with team members and other business functions, business partners, management, vendors, and external parties for information gathering and best practice recommendations
Conduct security reviews, evaluations, and risk assessments, and develop recommendations for improvements as appropriate
What skills & qualifications do you need?
Education
Hold a bachelor's degree in computer science, Information Technology, or an engineering-related field, or possess equivalent experience
Minimum of 3 years' background working in an IT Security capacity
Knowledge of information security policy design
Proficiency in data loss prevention tools and techniques
Ability to conduct, interpret, and report on data loss prevention configuration alerts
Familiarity with vulnerability and penetration testing tools and techniques
Proficiency in conducting, interpreting, and reporting on vulnerability and penetration tests
Experience participating in security audits
Skill in monitoring for security events, evaluating, and responding where appropriate
Certifications
Minimum Required: CompTIA Security+
Additionally Preferred: CISSP, Microsoft Security Certifications (SC-200 - Security Operations Analyst Associate), CCSP, CCNA, and CCNP: Security
Required Knowledge, Skills and Abilities
Produce and maintain documentation and evidence with diligence
Working knowledge of ISO, NIST, and other information security standards, laws, and regulations
Strong analytical skills
Take initiative and demonstrate comfort with self-directed learning on industry risks and changes
Perform risk analysis and provide recommendations to mitigate risk
Communicate effectively in writing and verbally
Speak confidently when dealing with internal constituents
Identify problems, review related information, develop and evaluate options, and implement solutions
Build domain knowledge of our environment to understand long-term risk areas that may develop as systems evolve
Incorporate industry security standards into practical security operations, network operations, and application development practices
Familiarity with Privileged Access Management (PAM) tools and concepts
Knowledge of computer networking concepts and protocols, and network security
Working knowledge of the Agile Framework
#LI-NC1 #LI-HYBRID