Information Security Engineer (PERM)
Boston, MA 02111 US
Connexion’s mission is to provide "best in class" services to job seekers. We strive to achieve excellence in job placement, staffing, and recruiting services while treating candidates with the professionalism and respect they deserve.
Title: Information Security Engineer
Hiring Organization: Connexion Systems & Engineering
- Duration: Perm
- Pay rate: $ 140 - 145K
- Job Location: Hybrid (MA, CT, NY, RI, Orange County, Washington, DC )
- Job# 15028
As Information Security Engineer (ISE), reporting to the Director of Information Technology and working closely with the Chief Information Officer, this position will be responsible for the administration, implementation, and oversight of the Firm’s Information Security Management Systems (ISMS) to effectively safeguard all data stored on-premises and in the cloud. They will be responsible for the ongoing development and improvement of an extensive security strategy for the Firm. The security professional will suggest tools and techniques to achieve security goals and to record the process related to gathering and maturing Threat Intelligence. The Information Security Engineer will work in collaboration with the Network team to offer support for security tools and technologies such as firewalls, proxy servers, remote access, and others. The professional must document the configurations and network designs to help in the effective execution of the strategic security plan. They will research and investigate the potential impact of new threats and exploits to improve detection and response capabilities. This person will work closely with senior IT management on information security-centric initiatives related to compliance, risk management, and data privacy and protection strategies for the organization, in alignment with relevant laws, regulations, and industry standards. The ISE will participate in select solution-provider/vendor selection processes and contract security compliance reviews and work with business owners to provide information security and compliance oversight of onboarded vendors. Additionally, this role will coordinate security-related responses to prospective client requests for proposals (RFPs), as well as audits for existing clients.
• Participates in the development, risk assessment, communications, status reporting, vendor management, and oversees the execution of, enterprise-wide information security, compliance, risk, and privacy strategies.
• Administers and monitors security platforms Firm-wide and liaises with Managed Security Services provider to coordinate response to security events and vulnerability assessments.
• Serves as an expert advisor to senior management in the development, implementation, and maintenance of information systems to ensure that best practice control objectives are achieved in protecting information assets. • Works with the IT team and business process owners to ensure MSAs and SOWs (Statement of Work) comply with information security compliance requirements
• Owns updating and revision of Information Security policies and SOPs; works with CIO and Data Protection Committee to ensure policies meet business requirements and align with US federal, state, EU (European Union), and additional global obligations.
• Assesses existing IT policies, guidelines, procedures and standards to discover security related gaps and create or align firm documentation, as necessary.
• Manages vendor engagements for IT Risk Assessments to identify, assess, and remediate threats internally and with 3rd party vendors.
• Collaborates on the development or selection of regular Information Security and Compliance training to all employees and assists in delivery and auditing of compliance training.
• With the CIO and Director of IT, participates in and helps direct the Firm’s incident response efforts when system compromise or information loss is suspected, in an effort to minimize any negative impact.
• Participates in and provides project management for security and compliance certification and re-certification processes, including the scheduling of internal audits to ensure regulatory compliance and company readiness. Works with auditors and IT teams to coordinate collection of evidence required to support IT controls.
• Drives security assessments for vendors and technology.
• Supports the ongoing administration, design and use of network segmentation tools and underlying concepts.
• Supports development of testing and evaluation plans, including cyber test activities. • Provides technical expertise to support vendor and project reviews.
• Works with third party vendors to plan for and execute penetration testing.
• Ensures that security controls are integrated into new systems and applications. • Assists with other projects and initiatives at the direction of the department and firm.
• Bachelor’s degree in computer science, Information Security, Information Technology or related field.
• Professional certifications (e.g., CIPP/USA and CISSP).
• Minimum of four (4) years of work experience in the field of information security and compliance, or equivalent combination of education and work experience.
• Strong IT Governance, Risk and Compliance experience with knowledge of local and international privacy laws.
• Proven experience providing project management for security and compliance-related initiatives in a team-oriented workplace preferred.
• Ability to manage relationships.
• Experience working with a variety of automation tools, firewall systems, and other technologies used in cybersecurity.
• Able to fix complications with SSL and SSH.
• Sound professionalism with incident response.
• Exceptional oral and written communication skills and the ability to articulate highly technical information for real world business impact at a senior management level.
• Strong time management, prioritization, problem-solving, and organizational skills, and the ability to work effectively in a high-pressure environment.
• Strong interpersonal skills and ability to work effectively with diverse levels of constituencies.
• Flexibility and capacity to respond calmly, efficiently, and effectively in stressful situations.
• Able to meet set deadlines and work effectively under pressure.
• Ability to maintain the confidentiality of matters and other firm business information.
Please use the apply button to submit your resume for consideration. A Connexion Representative will contact you immediately.
When responding to this job posting you MUST include the Job# and Job Title in your subject line.
If you are active in a job search but this job is not for you, please reach out to . We would be glad to help you find the perfect job!