The Sr. Security Engineer is responsible for proactively keeping Anchor’s systems secure. This individual should have diverse experience across multiple information security domains such as: threat, networking, IAM, architecture/engineering, operations, and risk management.
Responsibilities & Roles
- Architects, designs, implements, maintains and operates information system security controls and countermeasures.
- Analyzes and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and monitors for compliance.
- Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and monitors for compliance.
- Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends.
- Responds to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; interacts and coordinates with third-party incident responders, including law enforcement.
- Evaluates authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets.
- Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; performs risk and compliance self-assessments and engages and coordinates third-party risk and compliance assessments.
- Analyzes and develops information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information systems.
- Develops and administers, or provides advice, evaluation, and oversight for, information security training and awareness programs.
- B.S. in Computer Science or related technical field
- Five or more years’ work experience as a System Security Engineer or related position
- Proven experience developing, operating and maintaining security systems
- Extensive knowledge of operating system and database security
- Proficiency in networking technologies, network security and network monitoring solutions
- Knowledge of security systems including anti-virus applications, content filtering, firewalls, authentication
- systems and intrusion detection and notification systems
- In-depth knowledge of security protocols and principles
- Critical thinking skills and ability to solve complex problems
- Deep knowledge of Windows operating systems
- Solid troubleshooting and problem-solving skills
- Strong communications and interpersonal skills
- Industry certifications such as CISSP and CEH are preferred