Security Lead Engineer
Company: Forensic Risk Alliance
Location: Cranston
Posted on: June 24, 2022
Job Description:
Responsibilities
As part of the Global IT Team, the Security Lead Engineer reports
directly to the Director of IT and is responsible for the
implementation and administration of network security hardware and
software, enforcing the security policy and complying with
requirements of security audits and recommendations.
- The Security Engineer Lead needs to keep current on the latest
threats and technologies to combat those threats and comply with
all standard security practices.
- Occasionally, this role may engage with FRA clients and would
lead work streams with external certification firms. With their
highly specialized skill and knowledge, the Security Lead Engineer
would function as an SME to the IT Director and entire IT Team.
Principal duties
- Architects, designs, implements, maintains and operates
information system security controls and countermeasures
- Supervises and trains team members in the administration of
these systems; documents the operation, use, and expected outputs
of these systems.
- Analyses and recommends security controls and procedures in
business processes related to use of information systems and
assets, and provides oversight to ensure compliance.
- Monitors information systems for security incidents and
vulnerabilities; develops monitoring and visibility capabilities;
reports on incidents, vulnerabilities, and trends to IT or
executive management.
- Oversees the response to information system security incidents,
including investigation of, countermeasures to, and recovery from
computer-based attacks, unauthorized access, and policy breaches;
engages, interacts and coordinates with third-party incident
responders, including law enforcement.
- Oversees the administration of authentication and access
controls, including provisioning, changes, and de-commissioning of
user and system accounts, security/access roles, and access
permissions to information assets.
- Analyses trends, news and changes in threat and compliance
environment with respect to organizational risk; advises
organization management and develops and executes plans for
compliance and mitigation of risk; oversees risk and compliance
self-assessments, and engages and coordinates third-party risk and
compliance assessments.
- Analyses and oversees the development of information security
governance, including organizational policies, procedures,
standards, baselines and guidelines with respect to information
security and use and operation of information systems.
- Oversees the development and administration of information
security training and awareness programs.
- Assesses security of existing systems, identifies potential
risks and creates mitigation options
- Work alongside FRA developers, providing expert leadership and
advice on secure architecture, design, and implementation
- Coordinate and conduct security testing, prioritise fixes
- Maintain the strategic roadmap for security at FRA and be its
advocate
- Manage, develop and motivate team members to support an
environment which builds accountability for commitment to service
delivery, business partnering, meeting objectives and sets the tone
for continuous review
- Manage resource allocation, monitor utilisation rates of team
members and support strategic workforce planning and recruitment of
key roles
- Support talent acquisition efforts by leveraging external
networks to source candidates and leading
Qualifications, Skills and Experience
- Bachelor's Degree in Computer Science, Cybersecurity, or related
field required; Advanced degrees/certifications strongly
preferred
- Minimum 5 years of experience in an Information Security
related role, ideally in a multi-office global environment
- Experience with reverse engineering, vulnerability research,
and penetration testing
- Experience with threat modelling
- It is also desirable for the role holder to have experience in
applied cryptography
- Demonstrable ability to clearly articulate complex and
technical findings in both written and oral presentations for a
variety of audiences
- Excellent analytical and problem-solving skills, strong work
ethic, attention to detail and an enquiring mind
- Self-motivated with the ability to work in a fast-paced
environment
- Experience with the ISO 27001 framework
- In-depth knowledge of applicable data privacy practices and
laws and how these need to be considered as part of service
delivery and ongoing developments
- Strong understanding of project management principles
- Must be flexible with potential travel requirements, both
domestic and international
- CISSP or equivalent certification a strong plus
FRA operates a hybrid working policy, where time can be split
between home and the office. The split of time will be dependent on
the work activities underway at specific times. This job
description is to be used as a guide for accomplishing company and
department objectives and is not intended, and should not be
construed to be an all-inclusive list of responsibilities, skills,
efforts or expectations associated with a job. The management team
reserves the right to modify, add or remove duties from jobs and to
assign other duties as necessary.
FRA is an Equal Opportunity Employer (EOE). We will not unlawfully
discriminate against any protected characteristics, or any other
category protected under applicable legislation, federal law, state
law or local law. In addition, if you need assistance or
accommodation during the application process because of a
disability, this is available upon request.
Keywords: Forensic Risk Alliance, Cranston, Security Lead Engineer, Engineering, Cranston, Rhode Island