IT Engineer III Info Systems
Dallas, TX

Job Description

PURPOSE:

The Security Engineer III is a member of the IT information security team, with an advanced level of competency, focusing on information security governance to develop, review, and oversee the implementation of security requirements and best practices throughout the computing environments. The Security Engineer III works closely with the IT Team and others to develop/configure, implement, review, and monitor a comprehensive information security program, including deployment of technical controls to meet specific security and regulatory requirements and standards. The Security Engineer III performs security monitoring, security log analysis, and forensic analysis to detect security incidents, and initiates incident response/escalation as necessary. The Security Engineer III investigates and utilizes new technologies and processes to enhance security capabilities and implement improvements.

ESSENTIAL DUTIES AND RESPONSIBILITIES:

1. Provides leadership and direction in mission critical projects by contributing to overall project management, providing guidance for secure design, and contributing technical leadership.

2. Engineer, implement and monitor security standards for the protection of computer systems, networks and information.

3. Identify and define system security requirements associated with all IT assets using a risk-based approach.

4. Develop and document standard operating procedures and protocols for security systems.

5. Working with the networking team, configure and troubleshoot security infrastructure devices, including Cisco ASA firewalls, intrusion detection systems and security-centric appliances.

6. Create new ways to solve existing production security issues, including developing automation scripts to handle and track incidents and other repeatable tasks.

7. Recommend modifications in legal, technical and regulatory areas that affect IT security.

8. Perform vulnerability testing, risk analyses and security assessments and evaluate new technologies and processes that enhance security capabilities.

9. Leads the research and development of new security and engineering standards for all IT infrastructure and business-critical applications in support of strategic IT plans, applications roadmap, and system lifecycle management.

10. Analyze and advise on new security technologies and program conformance.

11. Advises management of security issues, identifying and solving problems as rapidly as possible, providing critical and essential troubleshooting services on systems enterprise-wide.

12. Collaborates with business units and technical teams to develop security policies and hardening standards for IT assets.

13. Provides leadership and mentorship to Windows & UNIX Systems Engineers, Storage Engineers, Network Engineers, and Database Engineers regarding security best practices.

14. Manages vendor relationship and performance pertaining to security architecture, design, technology roadmap, system optimization, and support management. Establishes and maintains strong working relationships with vendor organizations.

15. Test security solutions using industry standard analysis criteria.

16. Collaborate with colleagues on authentication, authorization, and encryption solutions.

17. Perform vulnerability testing, risk analyses and security assessments.

18. Work closely with IT Compliance team to ensure monitoring of security systems allows for efficient and effective aggregation and parsing of security data for alerting and escalation.

19. Develop automated means of collecting and analyzing key metrics for various security systems, including operational security monitoring and situational security monitoring.

20. Ensure all necessary security related incidents are appropriately reported in the Company's incident and problem management system.

21. Responsible for researching emerging technology threats to the organization from all available data sources.

22. Understands and observes all safety procedures and practices in order to prevent injury to self or co-workers; attends periodic safety meetings as required; may recommend changes to improve safety procedures.

23. Other duties may be assigned.

PREFERRED QUALIFICATIONS:

* Bachelor's degree in Computer Science or related field and/or five - ten years' experience in security design, engineering and administration; or equivalent combination of education and experience.
* Experience and expertise with ethical hacking, firewall and intrusion detection/prevention technologies, secure coding practices and threat modeling.
* Advanced knowledge of security technologies such as vulnerability management, intrusion detection/prevention, log monitoring, endpoint protection, and forensic analysis.
* Advanced communication, documentation, prioritization and change management skills.
* Demonstrates an ability to effectively communicate security exposures, misuse, and noncompliance situations to appropriate technical and non-technical personnel.
* Experience conducting security assessment or working in vulnerability management.
* Strong working experience with Tenable Nessus, IBM QRadar, Trend Micro Anti-virus, and other security specific applications. Hands-on experience with Symantec DLP desired.
* Strong working knowledge of security related standards/regulations/control frameworks such as NIST, SOX, ISO2700X, COBIT, and/or PCI DDS.
* Knowledge of LANs, WANs, SANs, Microsoft Active Directory, Microsoft Windows server and desktop operating systems, Linux operating systems, Microsoft IIS, Microsoft SQL, and the management of firewall technology.
* Demonstrable skills in establishing and maintaining effective working relationships with peers, subordinates, management, and 3rd party vendors.
* Experience producing technical documentation, spreadsheet reports, and visual presentations.
* Excellent verbal and written communications skills.
* Established strategic and critical analysis skills.

MINIMUM REQUIREMENTS:

* Bachelor's Degree in computer science MS or equivalent experience
* 8 years proven experience in a security-engineering role for a medium to large enterprise environment.
* Certified Information Systems Security Professional (CISSP), Information Systems Security Engineering Professional (ISSEP), or other security certification is required. Global Industrial Cyber Security Certification (GICSP) is preferred.

WORK ENVIRONMENT / PHYSICAL ACTIVITY

The work environment and physical activity described are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

* Work is in an office setting and generally sedentary with physical effort associated with using a computer, but may involve walking or standing for brief periods.
* May be required to occasionally lift, carry, push, pull, or otherwise move objects up to 25 pounds.

Other details

* Job Family IT
* Pay Type Salary
* Corp Dallas - 2001 Bryan Street Suite 1600 (75201), Dallas, Texas, United States of America
* Denver Admin Office - 7595 Technology Way (80237), Denver, Colorado, United States of America