IT Security Engineer
Gunderson Dettmer
- Ann Arbor, MI
- $120,000-180,000 per year
- Permanent
- Full-time
- Plan, develop, implement and update company’s information security strategy, to include thorough documentation of the cybersecurity architecture.
- Design, develop, execute and track the performance of security measures (hardware, software, systems) to protect information and network infrastructure and computer systems.
- Identify, define and document emerging system security weaknesses and threats and recommend solutions to management.
- Configure, troubleshoot and maintain security infrastructure software and hardware.
- Research, assess and recommend security products that monitor systems and networks for security breaches and intrusions.
- Monitor systems daily for security events and alerts through both organic and SIEM-generated log analysis, and provide operational support to the greater information security team.
- Perform enterprise-wide operations to identify any undetected threats. It is the responsibility of the information security engineer to develop alerting and detection strategies to look into any unusual behavior. They must develop new defensive techniques to recognize any changes in adversary techniques and tactics.
- Assist the Office of General Counsel in the creation and maintenance of SOC or ISO security certifications.
- Assist the Office of General Counsel to educate and train staff on information system security best practices.
- Be responsible for evidence collection, documentation, communications, and reporting for all forensic activities including incident response and investigations.
- Maintain current knowledge and understanding of the threat landscape and emerging security threats.
- Proficiency in secure network architectures, encryption technologies and standards, application security, virtualization technologies and web-based protocols.
- Working knowledge in identity and access management principles, networking routing techniques, social engineering, Advanced Persistent Threat (APT) and gateway anti-malware. Security Engineers must be able to work long hours and collaborate within a team.
- A fundamental knowledge of all aspects of a professional service firm’s computing and communications systems with an eye for how they can be breached and ways we can protect them.
- Strong interpersonal skills that establish and sustain close working relationships with functional teams and subject matter experts as well as IT technical, development, and support personnel.
- Understanding and respect for confidentiality and privacy, with strong ethics and compliance aptitude.
- Exceptional oral and written communication skills and expertise with policy writing, crafting educational and impactful emails and other materials. Ability to translate complex technical jargon into understandable and actionable messages.
- Candidate must have a degree in Computer Science, Information Systems or related field or equivalent relevant experience.
- Familiarity with information security standards, including ISO 27001, 27002, CIS Benchmark Controls, NIST and others.
- Demonstrated ability to gain skills, knowledge and certifications as needed.
- Any of the following certifications are helpful in the role:
- CCNP (Security)
- Certified Information Systems Security Professional (CISSP),
- Certified Internal Systems Auditor (CISA), or
- Certified Ethical Hacker (CEH).
- Full Time, Exempt.
- Hybrid Work Schedule Authorized