Information Security Engineer I

Niagara Falls, NY 14301

Posted: 03/19/2019 Employment Type: Permanent Industry: IT Job Number: 1269 Pay Rate: Negotiable

Lighthouse Technology Services is seeking an Information Security Engineer I for an immediate direct hire role in Niagara Falls / Buffalo, NY.

Required Skills Include:

  • Must be willing to work nights, weekends and holidays as required. On-call 24x7 as needed.
  • Employment is contingent upon a favorable outcome of a background investigation and drug screening.
  • Must be 18 years of age or older upon employment.
  • Bachelor’s Degree in an Information Technology related field.
  • Minimum of three (3) years of work experience in a related Information Technology role is required.
  • Experience in a dedicated information security role for minimum of one (1) year is preferred.
  • Experience with IT audit processes (e.g. ITGC, PCI) preferred.
  • Some technical certifications (CompTIA Network+/Security+, Microsoft, Cisco) preferred.
  • An equivalent combination of education and/or experience may be substituted for the above requirements.
  • Excellent understanding of networking principles including TCP/IP, WANs, LANs, and commonly used protocols/standards such as DHCP, DNS, SMTP, HTTP(S), FTP, Telnet, SNMP, LDAP, SSH, 802.11, 802.1x, Netflow, etc.
  • Experience with IBMi (aka, AS/400, iSeries, System i) environment, commands, and utilities preferred.
  • Experience with syslog management solutions.
  • Experience with information security tools and utilities.
  • Experience with Microsoft Windows environment, commands and utilities required.
  • Experience with network security practices.
  • Experience with email applications required, Microsoft Outlook experience preferred.
  • Must be able to demonstrate proficiency in Microsoft Windows and Microsoft Office.
  • Must possess excellent communication and analytical skills.
  • Must be resourceful, utilizing all resources that are available to resolve issues.
  • Must have the ability to resolve problems/conflicts in a diplomatic and tactful manner.
  • Must be able to work with little direction and supervision.
  • Must demonstrate good judgment.
  • Must be a team player with strong interpersonal skills.

 

Responsibilities Include:

  • On-going development of the enterprise information security architecture, information security policy implementation and enforcement, and is responsible for ensuring the confidentiality, integrity and availability of the company’s information assets within a blended information security framework based on published guidance from CIS, NIST, PCI DSS, ISACA (CoBIT) and a pragmatic/risk-based approach.
  • Contributes to the improvement of the security posture for all endpoints.
  • Contributes to the maintenance, monitoring, and support associated with enterprise information security controls pertinent to endpoints and infrastructure.
  • Contributes to the maintenance, monitoring, and support associated with enterprise information security toolsets.
  • Consults with Information Security & Assurance (ISA) and Information Technology (IT) management/teams to verify that appropriate security controls are in place, identify gaps, and facilitate remediation.Assists with guidance, coordination, and support for client business units during applicable audits where/when applicable.
  • Relies on pre-established policies and procedures to perform the functions of the job.
  • All duties are to be performed within the guidelines of the client’s policies and procedures, Internal Control Standards, and objectives.
  •  Works collaboratively within a team of information technology, information security, and information assurance professionals to improve the information security posture across the enterprise.
  • Assists with all Information Security and Assurance governance support, focusing on all aspects of regulatory compliance – ITGC, PCI, and other industry and regulatory compliance requirements.
  • Responsible for improving the security posture of enterprise endpoints.
  • Responsible for the maintenance, monitoring, and support associated with information security controls pertinent to endpoints to include desktops, laptops, servers, point-of-sale, and mobile devices & for infrastructure to include switch, router, firewall, wireless, VPN, and other.
  • Responsible for maintenance, monitoring, and support associated with established information security toolsets to include endpoint protection, endpoint encryption, network access control, vulnerability scanning, identity and access management, intrusion detection/prevention, web access filtering, central logging, public key infrastructure, and other with a focus on streamlining operations.
  • Responsible for monitoring and reporting of information generated by enterprise information security toolsets.
  • Understands and supports defense-in-depth strategies, addressing any threats to the enterprise infrastructure.
  • Creates, maintains and supports pertinent information security control and solution documentation.
  • Performs vulnerability assessments, documents procedures, and reports findings to management.
  • Participates in and coordinates vulnerability remediation actions with IT, business units, external business partners, and vendor partners.
  • Active participant in the enterprise incident response plan.
  • Responsible for contributing to development, implementation, and enforcement of established information security and assurance policies and procedures.
  • Assists with facilitation of all applicable internal control review functions.
  • Assists with facilitation of all applicable audit evidence requests.
  • Keeps abreast of the latest threats and vulnerabilities through independent study, and researches related technologies.
  • All work products must comply with Internal Controls, Minimum Internals Control Standards (MICS), Sarbanes-Oxley (SOX), and Payment Card Industry DSS (PCI DSS).
  • Maintains a working knowledge and practical application of information security and assurance principles and practices as they relate to their job responsibilities.
  • Proactively assesses potential risks within the environment and assists with on-going reviews of internal policies/procedures.
  • Maintains a current understanding of all policy and guidelines regarding information security including the client's on Acceptable Use Policy.
  • Understands and complies with all information security policies and procedures at all times.
  • Provides exceptional customer service to all patrons and communicates in a pleasant, friendly and professional manner at all times.
  • Maintains a professional work environment with supervisors, managers and staff.
  • Meets the attendance guidelines of the job and adheres to regulatory, departmental and company policies.
  • Must complete all required Training programs within nine (9) months from commencement of employment.
  • Attend all necessary meetings.
  • Duties, responsibilities, requirements and expectations pertaining to this job are subject to change as needed.Hours are determined by a 24-hour schedule.

Required Skills Include:

  • Must be willing to work nights, weekends and holidays as required. On-call 24x7 as needed.
  • Employment is contingent upon a favorable outcome of a background investigation and drug screening.
  • Must be 18 years of age or older upon employment.
  • Bachelor’s Degree in an Information Technology related field.
  • Minimum of three (3) years of work experience in a related Information Technology role is required.
  • Experience in a dedicated information security role for minimum of one (1) year is preferred.
  • Experience with IT audit processes (e.g. ITGC, PCI) preferred.
  • Some technical certifications (CompTIA Network+/Security+, Microsoft, Cisco) preferred.
  • An equivalent combination of education and/or experience may be substituted for the above requirements.
  • Excellent understanding of networking principles including TCP/IP, WANs, LANs, and commonly used protocols/standards such as DHCP, DNS, SMTP, HTTP(S), FTP, Telnet, SNMP, LDAP, SSH, 802.11, 802.1x, Netflow, etc.
  • Experience with IBMi (aka, AS/400, iSeries, System i) environment, commands, and utilities preferred.
  • Experience with syslog management solutions.
  • Experience with information security tools and utilities.
  • Experience with Microsoft Windows environment, commands and utilities required.
  • Experience with network security practices.
  • Experience with email applications required, Microsoft Outlook experience preferred.
  • Must be able to demonstrate proficiency in Microsoft Windows and Microsoft Office.
  • Previous experience working in a casino is desired but not a requirement.
  • Must possess excellent communication and analytical skills.
  • Must be resourceful, utilizing all resources that are available to resolve issues.
  • Must have the ability to resolve problems/conflicts in a diplomatic and tactful manner.
  • Must be able to work with little direction and supervision.
  • Must demonstrate good judgment.
  • Must be a team player with strong interpersonal skills.

Send an email reminder to:

Share This Job:

Related Jobs:

Login to save this search and get notified of similar positions.