SUMMARY

The Information Security Engineer is responsible for implementing, monitoring, and maintaining security solutions within the organization, not excluding security testing. As risks change, the Information Security Engineer is responsible for recommending modifications and enhancements to ensure the organization is evolving with the threat landscape. The Information Security Engineer ensures that the right security policies and practices are implemented and enforced by managing the security related configurations within the Enterprise security infrastructure. The Information Security Engineer will provide subject matter expertise regarding platform and system design, development, and implementation. The Information Security Engineer delivers these solutions in accordance with the organization's architectural designs, best practices, and regulatory or compliance requirements.

MAJOR DUTIES AND RESPONSIBILITIES (ESSENTIAL FUNCTIONS)

• Handle day-to-day implementation, monitoring and operational support of hardware, software, customer applications, managed solutions, and service provider relationships.
• Engage in information security projects that evaluate existing security infrastructure and propose changes as defined by security leadership and architects. Additionally, deliver projects on time, within budget and in accordance with service level agreements (SLAs).
• Research, validate and deploy solutions meeting security and business needs.
• Ensure security solutions, policies and procedures are sufficient to meet and respond to threats to our data and infrastructure.
• Recommend and provide technical support processes, metrics, and SLAs
• Support and document the implementation of approved security services and infrastructure components
• Conduct performance testing to stress the limitations of security solutions while at the same time ensuring business innovation and day-to-day processes are not negatively impacted.
• Defines tuning and configuration parameters/settings for technologies, platforms, and systems to meet operational requirements
• Design, develop and deliver of Identity and Access Management and Identity Governance and Administration technical solutions for both Cloud and On Premises.
• Define access review and new certifications processes and manage the certification campaign cycles until completion and for continued maintenance and support of data security policies and procedures.

Additional Duties and Responsibilities

• Adherence to all First United Policies and Procedures.
• Performs other related duties as required and assigned.
• Complete all required compliance exams on an annual basis

EMPLOYEE SPECIFICATIONS

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Required Education and Work Experience

• Bachelor's degree or equivalent experience.
• Highly technical and analytical expertise, with a proven deep background (preferred 5+ years' IT experience in addition to cybersecurity) in technology design, implementation and delivery
• Okta Certified Admin Preferred
• AZ-104 or AZ-500 Preferred
• Proficient with scripting in Python, JavaScript, PowerShell, PHP or Ruby
• CISSP Required

Knowledge and/or hands on experience in some of the following areas:

• Ability to drive innovation for system and security improvements, determine engineering and design best practices, find automation opportunities and guide proper use of new features
• Deep knowledge of Azure and Microsoft 365 solutions, including both infrastructure and security components.
• Experience implementing cloud-based security policies and procedures, control standards and operational practices
• Effective understanding and working knowledge of authentication, authorization, and identity governance and administration standards such as Single Sign-On (SSO), Multi Factor Authentication (MFA), Access Gateway, Entitlement Management, Just in Time Administration, Principles of Least Privilege, Federation, Conditional Access, Zero Trust
• Architectures and Concepts of Security Assertion Markup Language (SAML), OpenID (OIDC), Open Authentication (OAuth) Incident Response, Documentation, reporting and investigations
• Solid understanding of IAM/PAM tools and review process (Okta, Delinea, SecureEnds)
• Hands-on expertise with Microsoft Certificate Services and related components.
• Working knowledge of Active Directory and its integration with Microsoft PKI Experience with certificate-enabled applications, such as SSL/TLS, S/MIME, authentication, EFS, 802.1X, Code Signing, etc.
• Thorough understanding of cryptographic concepts: symmetric/asymmetric cryptography, secure hash, digital signatures
• Passively & actively test identity, network and system vulnerabilities.
• Experienced with various scripting methods such as PowerShell Ruby or Python and Proficiency with creation and editing of XML files.
• Knowledge of security standards, audits, and log analysis
• Excellent communication skills, written and verbal
• Excellent problem and resolution skills
• Ability to think strategically and tactically, with effective decision-making skills.

NOTE: This job description is not intended to be all-inclusive. Employee may perform other related duties as assigned by supervisor to meet the ongoing needs of the organization.

#LI-MM1 #Managed

If any applicant is unable to complete an application or respond to a job opening because of a disability, please email us at for assistance.