Information Security Engineer

The Information Security Engineer is responsible for maintaining and supporting the firms cybersecurity tools systems and operations. This handson technical role ensures alignment with established policies procedures and security objectives by assisting in the implementation configuration and monitoring of security technologies. The Information Security Engineer will work closely with IT and security teams to identify and respond to threats remediate vulnerabilities and uphold the security of firm assets and data.

This position plays a critical role in the day to day operations of the firms information security program. The ideal candidate will possess strong technical expertise attention to detail and the ability to clearly communicate security concepts. The Information Security Engineer must be capable of acting swiftly and decisively during incidents and will contribute to the firms proactive defense strategies and compliance initiatives.

Responsibilities

• Monitor and support daily security operations including analysis and maintenance of cybersecurity tools and infrastructure.
• Investigate respond to and document security incidents assist with root cause analysis and corrective actions.
• Manage and contribute to cybersecurity projects by planning coordinating and executing initiatives such as security tool deployments configuration enhancements and remediation efforts.
• Assist in the of the firms vulnerability management program and risk mitigation efforts across IT systems.
• Maintain and optimize security tools such as SIEM EDR vulnerability management platforms and secure email gateways.
• Collaborate with IT teams to incorporate security best practices into system implementations and configurations.
• Recommend and apply technical controls to enforce security policies and support compliance with regulatory and client requirements.
• Contribute to the delivery of security awareness training and education in partnership with the Information Governance team.
• Provide status updates and reports to the Director of Information Security on operational performance risks and project progress.
• Assist in the completion of client security assessments and the implementation of related remediation tasks.
• Support the management of relationships with security vendors and thirdparty service providers ensuring deliverables meet expectations.
• Participate in security assessments and testing of systems networks and applications.
• Contribute to the development and refinement of security policies and procedures based on evolving threats and best practices.
• Work cross functionally with IT and other departments to ensure alignment with the firms cybersecurity goals.
• Support compliance and audit efforts by gathering evidence tracking remediation and reporting as needed.
• Stay current on emerging security threats technologies and industry trends.
• Assist in the continuous improvement of security operations tools and incident response processes.

Experience and Requirements

• Bachelors degree in information systems cybersecurity or related field or equivalent experience.
• CISSP or similar certification is required additional certifications (e.g. CISM CEH GIAC) are a plus.
• Minimum of 4 years of experience in information security or a related IT security focused role.
• Handson experience with security technologies including SIEM EDR vulnerability management tools firewalls and email security platforms.
• Demonstrated ability to investigate and respond to security incidents and alerts.
• Familiarity with information security frameworks such as NIST CSF or ISO 27001.
• Knowledge of relevant regulatory and compliance standards (e.g. HIPAA GDPR SOX).
• Ability to draft and contribute to security documentation policies and procedures.
• Strong analytical troubleshooting and problemsolving skills.
• Effective written and verbal communication skills with the ability to explain complex topics to various audiences.
• Experience contributing to or supporting security awareness initiatives is preferred.
• Highly organized and capable of managing multiple tasks in a fast paced environment.