Information Security Engineer - Columbus, OH
Work Location: on-site full-time
Start Date: August 2024
Rate: Not Defined / need Candidate’s requested rate
Hours: 40 hours full-time
US Citizenship Required

Position Details:
Information Security Engineer improves the security systems on our computer networks. In this position, you will work with our security analysts to locate and improve weak points in our security. You may suggest new hardware or develop software to fix any issues. You will also perform routine maintenance to keep our security systems running efficiently. Our ideal applicant has a bachelor's degree in computer science or software engineering. We also prefer that you have Certified Information Systems Security Professional (CISSP).

Responsibilities:
• Ensure the safety of information systems assets and protect systems from unauthorized access by performing system access reviews (for internal applications and Cloud services) and documenting any findings.
• Perform information security risk assessments on products, processes, vendors, and systems with consideration of good security best practices and the Company’s overall risk appetite
• Document and manage security exceptions, violations, incidents and other risk concerns to closure.
• Actively monitor new and emerging security related technologies, trends, issues, and solutions and assess their applicability. Make recommendations for preventive measures as necessary.
• Perform routine maintenance on our information security systems
• Work with our security analysts to spot weak points
• Develop software solutions to close holes in our security
• Make hardware upgrades
• Respond to security breaches

Qualifications:
• 4-7+ years of experience in a security compliance role leading technical security and privacy compliance audits and assessments to include SOC, or PCI-DSS
• Experience with cloud-based concepts; as well as development and auditing of controls preferably AWS and Azure
• Experienced at assessing enterprise SaaS and cloud offerings, including various infrastructure platforms such as Linux, Windows, SQL Server, Oracle
• Knowledge of key technical concepts such as network design, cloud platform architecture, and experience with and understanding of information security governance programs and control framework concepts, particularly the NIST Cybersecurity Framework
• Knowledge of information security best practices, frameworks, regulations, and regulatory trends
• Experience with Microsoft Office, various GRC, control monitoring and cybersecurity tools

Interested parties that meet or exceed the requested qualifications, please send a detailed resume and rate expectation to Erika Roden at ENR@BCPEngineers.com