Security Engineer job description
Updated March 14, 2024
12 min read
A security engineer is responsible for the oversight and management of the digital security of their clients. Their duties include testing and maintaining IT systems, responding to breaches, and creating safety protocols..
Find Better Candidates in Less Time
Post a job on Zippia and take the best from over 7 million monthly job seekers.
Example security engineer requirements on a job description
Security engineer requirements can be divided into technical requirements and required soft skills. The lists below show the most common requirements included in security engineer job postings.
Sample security engineer requirements
- Experience with security frameworks and protocols
- Knowledge of network and system security
- Ability to analyze and interpret data
- Proficiency in programming languages
- Experience with vulnerability testing and risk assessment
Sample required security engineer soft skills
- Excellent communication and interpersonal skills
- Strong problem-solving and critical thinking abilities
- Ability to work independently and as part of a team
- Adaptability and flexibility
- Commitment to ongoing learning and professional development
Security Engineer job description example 1
General Dynamics security engineer job description
- Perform or review technical security assessments to identify vulnerability points, non-compliance with established standards and recommend mitigation.
- Performs requirements analysis to determine security needs for complex systems, components, and networks.
- Designs software tools and subsystems to support the integration of security products into a secure IT environment.
- Interfaces with client to determine present and future secure network needs, and designs complex network security architecture to meet requirements.
- Designs and implements test and evaluation processes for security and resolves complex integrity issues.
- Validate and verify system security requirements and analysis.
- Design, develop, implement, and integrate IA and security systems and components to ensure sufficient security and compliance.
- Develop, maintain, and deliver accreditation packages meeting agency requirements for ICD 503 with IC overlay.
Skills/Qualifications:
Required:
- 10+ years of experience
- TS/SCI Clearance with CI Polygraph
- Minimum of 5 years experience managing information systems security including certifications and accreditation, security control deficiency remediation, security and test plan development and execution.
Scheduled Weekly Hours:
40Travel Required:
NoneTelecommuting Options:
OnsiteWork Location:
USA VA SpringfieldAdditional Work Locations:
USA MO St. LouisCOVID-19 Vaccination: GDIT does not have a vaccination mandate applicable to all employees. To protect the health and safety of its employees and to comply with customer requirements, however, GDIT may require employees in certain positions to be fully vaccinated against COVID-19. Vaccination requirements will depend on the status of the federal contractor mandate and customer site requirements.We are GDIT. The people supporting some of the most complex government, defense, and intelligence projects across the country. We deliver. Bringing the expertise needed to understand and advance critical missions. We transform. Shifting the ways clients invest in, integrate, and innovate technology solutions. We ensure today is safe and tomorrow is smarter. We are there. On the ground, beside our clients, in the lab, and everywhere in between. Offering the technology transformations, strategy, and mission services needed to get the job done.GDIT is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or veteran status, or any other protected class.Post A Job For Free, Promote It For A Fee
Security Engineer job description example 2
MetLife security engineer job description
Virtual option.
Role Value Proposition:
This role serves as a key member of the cloud security team, within Information Security, focusing on security controls for the cloud environment. The primary focus will be securing cloud technologies, ensuring systems are properly implemented, appropriate processes are developed, and daily monitoring and alerts are managed. This role must have a strong understanding of, and experience with, various IaaS, PaaS, and SaaS platforms, identifying and eliminating risks in these environments.
Key Responsibilities:
Partnering with architecture, engineering, application, security, and operational staff to identify and drive resolution on Cloud security projects and issues Defining security controls for a Hybrid Cloud implementation using a combination of Cloud native and On-Premise Security tools and applications. Conducting security reviews and recommendation for IaaS, PaaS, & SaaS Cloud environments Developing Cloud Security requirements documentation for IaaS, PaaS and CaaS environments. Defining Network Security and Encryption evaluation and recommendations for complex infrastructure. Designing and implementing controls with Microsoft Defender suite, AWS security hub, Google Cloud Security command center and equivalent security tools. Securing Containerized environments and ability to identify security vulnerabilities . Interfacing with vendors to ensure the appropriate tools, configurations, and workflows are in place Developing data protection proposals using Data loss prevention (DLP), Data discovery / classification, and digital rights management (DRM) tools.
Essential Business Experience and Technical Skills:
Required:
4+ years of experience with Google Cloud, Microsoft Azure and AWS Infrastructure as a Service and Platform as a Service environments. Awareness of Data Sovereignty and privacy controls around the world and ability to translate that to security control that can be applied in the Public cloud environments. 3+ years of Experience with Cloud native security controls in different Cloud environments. Minimum of 5 years of experience managing Security within Active Directory in Windows Servers 2012 and 2016. Active Directory Security groups and Group policies administration and design experience and how it can be translated for use in the Cloud IaaS environments and in Azure Active Directory. 4+ years of experience with scripting tools like PowerShell or Python from an infrastructure security perspective. At least 4 years of experience with Data Loss Prevention tools for Website uploads, Endpoint Data Loss Prevention and Network Data Loss Prevention. Minimum of 1 year working on security tools for Containers and microservices environments. At least two Industry recognized cloud or security certifications (CCSP, CCSK, CCC-PCS, etc.) Bachelor's degree in technology or related field required and Minimum of 9+ years in different information Security domains or no degree and 10+ years' experience.
Preferred:
Industry recognized information security certification are preferred (CISSP). 1 Year of Experience with Cloud Access Security Broker Tools like Bitglass, Netskope or M-Vision (Skyhigh) for Data Loss Prevention for SaaS based applications. Strong ability to communicate to stakeholders with various levels of expertise Strong record of success in supporting large scale programs, preferably in a global organization. Excellent verbal and written communication skill
"At MetLife, we're leading the global transformation of an industry we've long defined. United in purpose, diverse in perspective, we're dedicated to making a difference in the lives of our customers.”
#LI-Remote
#LI-WRAPJOB
MetLife:
MetLife, through its subsidiaries and affiliates, is one of the world's leading financial services companies, providing insurance, annuities, employee benefits and asset management to help its individual and institutional customers navigate their changing world. Founded in 1868, MetLife has operations in more than 40 countries and holds leading market positions in the United States, Japan, Latin America, Asia, Europe and the Middle East.
We are one of the largest institutional investors in the U.S. with $642.4 billion of total assets under management as of March 31, 2021. We are ranked #46 on the Fortune 500 list for 2021. In 2020, we were named to the Dow Jones Sustainability Index (DJSI) for the fifth year in a row. DJSI is a global index to track the leading sustainability-driven companies. We are proud to have been named to Fortune magazine's 2021 list of the “World's Most Admired Companies.”
MetLife is committed to building a purpose-driven and inclusive culture that energizes our people. Our employees work every day to help build a more confident future for people around the world.
The wage range for applicants for this positionspecific to Colorado is $120,000-$145,000. This role is also eligible for annual short-term incentive compensation. MetLife offers a comprehensive benefits program, including healthcare benefits, life insurance, retirement benefits, parental leave, legal plan services and paid time off. All incentives and benefits are subject to the applicable plan terms.
We want to make it simple for all interested and qualified candidates to apply for employment opportunities with MetLife. For further information about how to request a reasonable accommodation, please click on the Disability Accommodations link below.
MetLife is a proud Equal Employment Opportunity and Affirmative Action employer dedicated to attracting, retaining, and developing a diverse and inclusive workforce. All qualified applicants will receive consideration for employment at MetLife without regards to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.
MetLife maintains a drug-free workplace.
Role Value Proposition:
This role serves as a key member of the cloud security team, within Information Security, focusing on security controls for the cloud environment. The primary focus will be securing cloud technologies, ensuring systems are properly implemented, appropriate processes are developed, and daily monitoring and alerts are managed. This role must have a strong understanding of, and experience with, various IaaS, PaaS, and SaaS platforms, identifying and eliminating risks in these environments.
Key Responsibilities:
Partnering with architecture, engineering, application, security, and operational staff to identify and drive resolution on Cloud security projects and issues Defining security controls for a Hybrid Cloud implementation using a combination of Cloud native and On-Premise Security tools and applications. Conducting security reviews and recommendation for IaaS, PaaS, & SaaS Cloud environments Developing Cloud Security requirements documentation for IaaS, PaaS and CaaS environments. Defining Network Security and Encryption evaluation and recommendations for complex infrastructure. Designing and implementing controls with Microsoft Defender suite, AWS security hub, Google Cloud Security command center and equivalent security tools. Securing Containerized environments and ability to identify security vulnerabilities . Interfacing with vendors to ensure the appropriate tools, configurations, and workflows are in place Developing data protection proposals using Data loss prevention (DLP), Data discovery / classification, and digital rights management (DRM) tools.
Essential Business Experience and Technical Skills:
Required:
4+ years of experience with Google Cloud, Microsoft Azure and AWS Infrastructure as a Service and Platform as a Service environments. Awareness of Data Sovereignty and privacy controls around the world and ability to translate that to security control that can be applied in the Public cloud environments. 3+ years of Experience with Cloud native security controls in different Cloud environments. Minimum of 5 years of experience managing Security within Active Directory in Windows Servers 2012 and 2016. Active Directory Security groups and Group policies administration and design experience and how it can be translated for use in the Cloud IaaS environments and in Azure Active Directory. 4+ years of experience with scripting tools like PowerShell or Python from an infrastructure security perspective. At least 4 years of experience with Data Loss Prevention tools for Website uploads, Endpoint Data Loss Prevention and Network Data Loss Prevention. Minimum of 1 year working on security tools for Containers and microservices environments. At least two Industry recognized cloud or security certifications (CCSP, CCSK, CCC-PCS, etc.) Bachelor's degree in technology or related field required and Minimum of 9+ years in different information Security domains or no degree and 10+ years' experience.
Preferred:
Industry recognized information security certification are preferred (CISSP). 1 Year of Experience with Cloud Access Security Broker Tools like Bitglass, Netskope or M-Vision (Skyhigh) for Data Loss Prevention for SaaS based applications. Strong ability to communicate to stakeholders with various levels of expertise Strong record of success in supporting large scale programs, preferably in a global organization. Excellent verbal and written communication skill
"At MetLife, we're leading the global transformation of an industry we've long defined. United in purpose, diverse in perspective, we're dedicated to making a difference in the lives of our customers.”
#LI-Remote
#LI-WRAPJOB
MetLife:
MetLife, through its subsidiaries and affiliates, is one of the world's leading financial services companies, providing insurance, annuities, employee benefits and asset management to help its individual and institutional customers navigate their changing world. Founded in 1868, MetLife has operations in more than 40 countries and holds leading market positions in the United States, Japan, Latin America, Asia, Europe and the Middle East.
We are one of the largest institutional investors in the U.S. with $642.4 billion of total assets under management as of March 31, 2021. We are ranked #46 on the Fortune 500 list for 2021. In 2020, we were named to the Dow Jones Sustainability Index (DJSI) for the fifth year in a row. DJSI is a global index to track the leading sustainability-driven companies. We are proud to have been named to Fortune magazine's 2021 list of the “World's Most Admired Companies.”
MetLife is committed to building a purpose-driven and inclusive culture that energizes our people. Our employees work every day to help build a more confident future for people around the world.
The wage range for applicants for this positionspecific to Colorado is $120,000-$145,000. This role is also eligible for annual short-term incentive compensation. MetLife offers a comprehensive benefits program, including healthcare benefits, life insurance, retirement benefits, parental leave, legal plan services and paid time off. All incentives and benefits are subject to the applicable plan terms.
We want to make it simple for all interested and qualified candidates to apply for employment opportunities with MetLife. For further information about how to request a reasonable accommodation, please click on the Disability Accommodations link below.
MetLife is a proud Equal Employment Opportunity and Affirmative Action employer dedicated to attracting, retaining, and developing a diverse and inclusive workforce. All qualified applicants will receive consideration for employment at MetLife without regards to race, color, religion, sex (including pregnancy, childbirth, or related medical conditions), sexual orientation, gender identity or expression, age, disability, national origin, marital or domestic/civil partnership status, genetic information, citizenship status, uniformed service member or veteran status, or any other characteristic protected by law.
MetLife maintains a drug-free workplace.
Dealing With Hard-To-Fill Positions? Let Us Help.
Security Engineer job description example 3
State Street security engineer job description
Who we are looking for
State Street seeks to recruit a Cloud Security Engineer that will create, test, enhance, and document detection capabilities that identify and stop threat actors.
Our team protects State Street, its customers and partners from the ever evolving and sophisticated global threat actors. We will evolve our threat management capabilities into a pro-active intelligence-driven fusion model. We need your intellect, your initiative, and your integrity!
"The position is remote with occasional travel to our offices, including those in Kilkenny, Ireland."
What you will be responsible for
As Cloud Security Engineer you will
Develop & Maintain Detection Logic and Systems
Triage, prioritize, and resolve requests for new, corrected or enhanced detection logic.Determine the best method for detecting threat actors and their Tactics, Techniques & Procedures (TTPs).Develop and implement dependable detection logic for cloud and on-prem systems.Test and tune threat detection use cases within the Security Incident and Event Management (SIEM), Endpoint Detection and Response (EDR) and other security platforms.Monitor and maintain lifecycle of SIEM knowledge objects and similar items.Monitor content metrics, identify opportunities to increase efficiency and fidelity, and identify detection logic for retirement.
Document and Share Security Engineering Knowledge
Validate and document content requirements, search criteria, test cases, and other development lifecycle knowledge in documentation libraries and development tracking tools.Document and maintain assets, scripts and processes to test SIEM/EDR rules for reuse.
Work Across the Organization
Partner with other Fusion Center teams to align detection strategy with threat models, the MITRE ATT&CK framework, and to validate and document threat detection goals.Collaborate across the organization to learn, document, and maintain a library of various IT processes, naming conventions, assets, configurations, and other considerations that can be leveraged to improve security capabilities for State Street.Guide and partner with stakeholders to create detection logic, controls, and alerts using the best tools and methods available. (e.g., SIEM, EDR, IDS, Cloud, email gateways).
What we value
These skills will help you succeed in this role
Open to learning and mentoring others.Takes disciplined initiative.Able to create detective logic and controls.Comfortable with an agile development lifecycle and methodology.Articulate and thorough documentation across the lifecycle.Methodical approach to validate, test, tune and validate threat detection alerts/reports.Knowledge of adversarial TTPs.Knowledge of cyber threat intelligence.Knowledge of IT architecture and operations (e.g., computing, network, storage & cloud).Knowledge of security control technologies.
Education & Preferred Qualifications
BS in Cyber Security, Information Technology, Computer Science or relevant experience+6 years in a cyber security skill role - SIEM/EDR Content Engineer, Incident Response, SOC Tier 3 Analyst, Threat Hunter, Penetration testing, etc.
Additional requirements
Financial Services experience a plus.Software development and/or scripting experience a plus: RegEx, PERL, Python, PowerShell, etc.Technical security certifications a plus - GMON, GCDA, GCIH, etc.
Why this role is important to us
Our technology function, Global Technology Services (GTS), is vital to State Street and is the key enabler for our business to deliver data and insights to our clients. We're driving the company's digital transformation and expanding business capabilities using industry best practices and advanced technologies such as cloud, artificial intelligence and robotics process automation.
We offer a collaborative environment where technology skills and innovation are valued in a global organization. We're looking for top technical talent to join our team and deliver creative technology solutions that help us become an end-to-end, next-generation financial services company.
Join us if you want to grow your technical skills, solve real problems and make your mark on our industry.
About State Street
What we do. State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation we're making our mark on the financial services industry. For more than two centuries, we've been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients.
Work, Live and Grow. We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary in locations, but you may expect generous medical care, insurance and savings plans among other perks. You'll have access to flexible Work Program to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential.
Inclusion, Diversity and Social Responsibility. We truly believe our employees' diverse backgrounds, experiences and perspective are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome the candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift program and access to employee networks that help you stay connected to what matters to you.
State Street is an equal opportunity and affirmative action employer.
Discover more at StateStreet.com/careers
State Street seeks to recruit a Cloud Security Engineer that will create, test, enhance, and document detection capabilities that identify and stop threat actors.
Our team protects State Street, its customers and partners from the ever evolving and sophisticated global threat actors. We will evolve our threat management capabilities into a pro-active intelligence-driven fusion model. We need your intellect, your initiative, and your integrity!
"The position is remote with occasional travel to our offices, including those in Kilkenny, Ireland."
What you will be responsible for
As Cloud Security Engineer you will
Develop & Maintain Detection Logic and Systems
Triage, prioritize, and resolve requests for new, corrected or enhanced detection logic.Determine the best method for detecting threat actors and their Tactics, Techniques & Procedures (TTPs).Develop and implement dependable detection logic for cloud and on-prem systems.Test and tune threat detection use cases within the Security Incident and Event Management (SIEM), Endpoint Detection and Response (EDR) and other security platforms.Monitor and maintain lifecycle of SIEM knowledge objects and similar items.Monitor content metrics, identify opportunities to increase efficiency and fidelity, and identify detection logic for retirement.
Document and Share Security Engineering Knowledge
Validate and document content requirements, search criteria, test cases, and other development lifecycle knowledge in documentation libraries and development tracking tools.Document and maintain assets, scripts and processes to test SIEM/EDR rules for reuse.
Work Across the Organization
Partner with other Fusion Center teams to align detection strategy with threat models, the MITRE ATT&CK framework, and to validate and document threat detection goals.Collaborate across the organization to learn, document, and maintain a library of various IT processes, naming conventions, assets, configurations, and other considerations that can be leveraged to improve security capabilities for State Street.Guide and partner with stakeholders to create detection logic, controls, and alerts using the best tools and methods available. (e.g., SIEM, EDR, IDS, Cloud, email gateways).
What we value
These skills will help you succeed in this role
Open to learning and mentoring others.Takes disciplined initiative.Able to create detective logic and controls.Comfortable with an agile development lifecycle and methodology.Articulate and thorough documentation across the lifecycle.Methodical approach to validate, test, tune and validate threat detection alerts/reports.Knowledge of adversarial TTPs.Knowledge of cyber threat intelligence.Knowledge of IT architecture and operations (e.g., computing, network, storage & cloud).Knowledge of security control technologies.
Education & Preferred Qualifications
BS in Cyber Security, Information Technology, Computer Science or relevant experience+6 years in a cyber security skill role - SIEM/EDR Content Engineer, Incident Response, SOC Tier 3 Analyst, Threat Hunter, Penetration testing, etc.
Additional requirements
Financial Services experience a plus.Software development and/or scripting experience a plus: RegEx, PERL, Python, PowerShell, etc.Technical security certifications a plus - GMON, GCDA, GCIH, etc.
Why this role is important to us
Our technology function, Global Technology Services (GTS), is vital to State Street and is the key enabler for our business to deliver data and insights to our clients. We're driving the company's digital transformation and expanding business capabilities using industry best practices and advanced technologies such as cloud, artificial intelligence and robotics process automation.
We offer a collaborative environment where technology skills and innovation are valued in a global organization. We're looking for top technical talent to join our team and deliver creative technology solutions that help us become an end-to-end, next-generation financial services company.
Join us if you want to grow your technical skills, solve real problems and make your mark on our industry.
About State Street
What we do. State Street is one of the largest custodian banks, asset managers and asset intelligence companies in the world. From technology to product innovation we're making our mark on the financial services industry. For more than two centuries, we've been helping our clients safeguard and steward the investments of millions of people. We provide investment servicing, data & analytics, investment research & trading and investment management to institutional clients.
Work, Live and Grow. We make all efforts to create a great work environment. Our benefits packages are competitive and comprehensive. Details vary in locations, but you may expect generous medical care, insurance and savings plans among other perks. You'll have access to flexible Work Program to help you match your needs. And our wealth of development programs and educational support will help you reach your full potential.
Inclusion, Diversity and Social Responsibility. We truly believe our employees' diverse backgrounds, experiences and perspective are a powerful contributor to creating an inclusive environment where everyone can thrive and reach their maximum potential while adding value to both our organization and our clients. We warmly welcome the candidates of diverse origin, background, ability, age, sexual orientation, gender identity and personality. Another fundamental value at State Street is active engagement with our communities around the world, both as a partner and a leader. You will have tools to help balance your professional and personal life, paid volunteer days, matching gift program and access to employee networks that help you stay connected to what matters to you.
State Street is an equal opportunity and affirmative action employer.
Discover more at StateStreet.com/careers
Start Connecting With Qualified Job Seekers
Resources for employers posting security engineer jobs
Security Engineer job description FAQs
Ready To Start Hiring?
Updated March 14, 2024