Log In

Log In to Save

Sign Up to Save

Sign Up to Dismiss

or

The email and password you specified are invalid. Please, try again.

Email and password are mandatory

Forgot Password?

Don't have an account? Sign Up

reset password

Enter your email address and we will send you a link to reset your password.

Back to Log In

Become A Senior Information Security Engineer

Where do you want to work?

To get started, tell us where you'd like to work.
Sorry, we can't find that. Please try a different city or state.

Working As A Senior Information Security Engineer

  • Interacting With Computers
  • Getting Information
  • Analyzing Data or Information
  • Evaluating Information to Determine Compliance with Standards
  • Communicating with Supervisors, Peers, or Subordinates
  • Deal with People

  • Mostly Sitting

  • $98,835

    Average Salary

What Does A Senior Information Security Engineer Do At Fifth Third Bank

* Contribute to and enhance the bank's network vulnerability management program..
* Define security requirements for the implementation of new applications and projects..
* Serve as a security engineer/consultant on projects..
* Participate in conducting security research on threats and remediation techniques/ technology, make recommendations to the IS/IT teams and oversee their implementation..
* Support the Bank's operational information security responsibilities, including the development maintenance of standards, procedures, and guidelines necessary to satisfy the Information Security department's network operations..
* Proactively monitor and investigate network security alerts from managed security service provider and in-house security tools..
* Assist in conducting risk assessments to evaluate the effectiveness of existing controls and determine the impact of proposed changes to business processes, applications and systems..
* Provide technical support to regulatory agencies, external auditors, and internal auditors, as required, to respond to audits and examinations of the Bank's control environment

What Does A Senior Information Security Engineer Do At Leidos

* Areas of responsibilities include, but are not limited to, IT Security Strategy, Cyber Security, and Compliance and Risk Management to protect the customer’s information and information systems from unauthorized access, use, disclosure, disruption, modification, perusal, inspection, recording and destruction
* Applies information security engineering experience to perform functions such as systems requirements analysis, functional analysis, timeline analysis, trade studies, requirements allocation and interface definition, technical management, system integration, configuration management, quality assurance testing, or acquisition and resource management
* Analyzes designs, develops, implements, tests, or evaluates software, components, or systems related to engineering or functional requirements of military weapons systems
* Establish a system security engineering (SSE) process and strategies to plan, organize, and manage program efforts to achieve maximum security and survivability of the system
* Research, develop, implement, test and review a software system’s information security IAW DoD/NIST RMF/ICD
* DIACAP requirements to protect information and prevent unauthorized access.
* In this role, the ISSE candidate will direct the contracting team about security measures, explain potential threats, implement security measures, and monitor applications in order to meet or exceed all DoD/NIST RMF requirements, resulting in faster and more accurate software releases
* Serve as the government program office’s Information Assurance point of contact to support Authorization to Operate (ATO) and Authority to Connect (ATC) certifications that will be required for releases of the developed program
* Develop and maintain system-specific Security Controls Test Matrix (SCTM), Security Assessment Report, Risk Assessment Report, POA&M, Application Security and Development Checklists, and other artifacts supporting certification and accreditation paperwork in accordance with RMF and JSIG
* Work closely with software engineers supporting and troubleshooting the deployment of software
* Perform within an agile program environment

What Does A Senior Information Security Engineer Do At Henry Schein, Inc.

* Mentor more junior security engineers by leading and influencing technical decisions, processes, and best practices with a moderate ability to explain technical concepts in written and verbal forms
* Advise in, and participate in, the design of secure products and architectures
* Perform architecture security reviews, security focused code reviews, and security testing
* Work closely with engineering and product teams to design and implement security-related systems and functionality, including writing secure code as necessary, and verification of threat models, risk and security posture
* Monitor software usage and perform forensics to verify that the software is performing to the required security standards
* Perform constant monitoring and awareness of key developments in the area of web and client application security in order to provide direction of security trends, and anticipate emerging standards and best practices
* Provide leadership, guidance and direction to security resources and be an influencer of development, systems, support, and quality assurance teams
* Communicate to senior management by demonstrating a moderate skill in presenting technical concepts
* Attend all meetings necessary for the seamless delivery of the product as part of the Software Development Life Cycle

What Does A Senior Information Security Engineer Do At L3 Technologies

* Implement new security initiatives, utilizing technical solutions and policies & procedures.
* Work with a wide variety of security tools, both network and system based.
* Participate in projects and initiatives, validating security requirements are being met, and researching and recommending appropriate security solutions.
* Document processes, policies, and procedures as required.
* Qualifications

What Does A Senior Information Security Engineer Do At ISS, Inc.

* Provide first responder forensics analysis and investigation of Severity 1 security incidents.
* Provide forensics analysis and investigation of Severity 2 to Severity 3 security incidents through escalation from Tier 2 Analysts.
* Work with Tier 2 Analysts to communicate findings during investigation for documentation and escalation.
* The Senior Information Security Engineer will drive the containment strategy during data loss or breach events including:
* o Triage and resolve advanced vendor attack such as botnets and advanced persistent malware.
* o Work directly with data asset owners and business response plan owners during high severity incidents.
* o Determines the impact of events and recommends incident alter thresholds.
* o Aggregates and correlates event data from multiple sources and sensors.
* Reviews aggregated threat feed data from Tier 2 Analysts to determine tuning of countermeasure required or vulnerabilities to be remediated outside of the Risk/IT process.
* Reviews vulnerability scans for high vulnerabilities and prioritizes remediation actions required for asset owner and feed Tier 2 Analyst for ticketing and tracking.
* Provide tuning recommendations of policy in security control tools to tool administrators based on findings during investigations or threat information reviews.
* Provide recommendation tuning of the IDS, proxy policy, in-line malware tools based on threat feeds, trust and reputation data incidents, or vulnerabilities and exploits of downstream systems.
* Issue documentation and proactively contacting customers when an issue is resolved to ensure the service provided met or exceeded the customer expectations.
* Review weekly security incident metrics.
* Find trends in security incident for security problem identification, control deficiencies, gaps in countermeasure capabilities and publish findings monthly for operational reviews.
* Monitoring and analyze network and security event data from a variety of sources to identify internal security events based on internal and common intelligence sources.
* Investigate intrusion attempts and perform in-depth analysis of exploits.
* Stay abreast of the threat landscape through open sources and observed activity.
* Development and documentation of Tier 1 or 2 Analyst activities and workflows.
* Analyzes detected events to understand attack target and methods.
* Monitors information systems and assets at discrete intervals to identify cyber security threats and events and verify the effectiveness of protective measures.
* Monitors network, personnel, external service providers, and the company’s physical environment to detect potential cyber security events.
* Monitor systems to detect malicious and unauthorized mobile code.
* Monitors environments for unauthorized personnel, connections, devices, and software.
* Establish and assist in the testing of the Business Continuity and Disaster Recovery plan to include:
* o Assist with the execution and recovery processes and procedures to ensure timely restoration of systems or assets affected by cyber security events
* o Assist with the execution (lead by the IT Manager) of the recovery plan and document the event.
* o Assist with restoration activities with internal and external parties, such as coordinating centers, Internet Service Providers, owners of attacking systems and management teams during recovery operations.
* o Assist in improving recovery planning and processes by incorporating lessons learned into future activities and associated strategies.
* Maintain and test the Incident response plan to include:
* o Develop, maintain, and execute response processes and procedures to ensure timely response to detected cyber security events.
* o Test and continually improve detection processes and communicate detection information to senior leadership.
* o Categorize incidents consistent with response plans.
* o Educate and train personnel on their role and order of operations when a response is needed.
* o Report events following internal and external requirements.
* o Share information consistent with incident response plan and coordinate stakeholders as necessary.
* o Promote situational threat awareness by executing voluntary information exchanges with key stakeholders.
* o Conduct analysis to ensure adequate response and support recovery activities.
* o Investigate notifications from detection systems and assesses impact of incident.
* o Performs mitigation activities to prevent expansion of an event, mitigate its effects, and eradicate the incident.
* o Improve organizational activities and readiness by incorporating lessons learned from current and previous detection/response activities.
* Additional Duties May Include:
* Document and train new and existing Tier 1 and 2 analysts.
* Document and/or mitigate newly identified vulnerabilities.
* Supervise security operations center with company and third-party resources to provide continuous capability for security monitoring, detection, incident response, and recovery.
* Manage systems and processes to detect anomalies and events in a timely manner and ensures the potential impact of events are understood by all stakeholders.
* Develop a deep understanding of operational risks that drive appropriate response protocols that minimize company impact.
* Influence and improve existing processes through innovation and operational change.
* Apply knowledge of information assurance policy, procedures, and workforce structure to implement secure networking, computing, and enclave environments.
* Write authorization and accreditation documentation (and associated policies and procedures) ensuring systems are operated and maintained in accordance with these security plans.
* Support the configuration control board planning, assessment, risk analysis, and risk management
* Interface with the user community to understand their security needs and assist with the implementation procedures to accommodate them.
* Ensure that the user community understands and adheres to necessary policies and procedures in order to maintain security

Show More

Show Less

How To Become A Senior Information Security Engineer

Most information security analyst positions require a bachelor’s degree in a computer-related field. Employers usually prefer analysts to have experience in a related occupation.

Education

Information security analysts usually need at least a bachelor’s degree in computer science, programming, or a related field. As information security continues to develop as a career field, many schools are responding with information security programs for prospective job seekers. These programs may become a common path for entry into the occupation. Currently, a well-rounded computer education is preferred.

Employers of information security analysts sometimes prefer applicants who have a Master's of Business Administration (MBA) in information systems. Programs offering the MBA in information systems generally require 2 years of study beyond the undergraduate level and include both business and computer-related courses.

Work Experience in a Related Occupation

Information security analysts generally need to have previous experience in a related occupation. Many analysts have experience in an information technology department, often as a network or systems administrator. Some employers look for people who have already worked in fields related to the one in which they are hiring. For example, if the job opening is in database security, they may look for a database administrator. If they are hiring in systems security, a computer systems analyst may be an ideal candidate.

Licenses, Certifications, and Registrations

There are a number of information security certifications available, and many employers prefer job candidates to have one. Certification validates the knowledge and best practices required from information security analysts. Some are general information security certificates, such as the Certified Information Systems Security Professional, and others have a narrow focus, such as penetration testing or systems auditing.

Advancement

Information security analysts can advance to become chief security officers or another type of computer and information systems manager.

Important Qualities

Analytical skills. Information security analysts must carefully study computer systems and networks and assess risks to determine how security policies and protocols can be improved.

Detail oriented. Because cyberattacks can be difficult to detect, information security analysts pay careful attention to their computer systems and watch for minor changes in performance.

Ingenuity. Information security analysts anticipate information security risks and implement new ways to protect their organizations’ computer systems and networks.

Problem-solving skills. Information security analysts respond to security alerts and uncover and fix flaws in computer systems and networks.

Show More

Show Less

Senior Information Security Engineer jobs

Add To My Jobs
Job type you want
Full Time
Part Time
Internship
Temporary

Real Senior Information Security Engineer Salaries

Job Title Company Location Start Date Salary
Senior Information Security Engineer Randstad Technologies, LP Charlotte, NC Jun 16, 2014 $170,000
Senior Information Security Engineer Randstad Technologies, LP Woburn, MA Sep 08, 2015 $170,000
Senior Software Engineer 2-Information Security Engineer Jet.Com, Inc. Hoboken, NJ Nov 21, 2016 $165,000
Senior IT Security Engineer OSP Global, LLC Fairfax, VA Sep 22, 2016 $155,000
SR. Information Security Engineer Workday, Inc. Pleasanton, CA Jun 05, 2016 $155,000
Senior IT Security Engineer General Motors Company Detroit, MI Nov 02, 2014 $153,804
Senior Information Security Engineer Autodesk, Inc. San Francisco, CA Apr 12, 2016 $150,000
SR. Information Security Engineer Linkedin Corporation Mountain View, CA Apr 20, 2016 $148,500 -
$183,000
SR. IT Security Engineer General Motors Company Detroit, MI Dec 11, 2014 $140,000
Senior Information Security Engineer MUFG Union Bank, N.A. Jersey City, NJ Dec 09, 2016 $135,000
Senior Associate, Information Security Engineer Pine River Capital Management L.P. New York, NY Oct 13, 2016 $135,000
Senior Principal, IT Security Engineer Ca, Inc. Islandia, NY Jan 06, 2014 $135,000
Senior Associate, Information Security Engineer Pine River Capital Management LP New York, NY Jul 06, 2015 $135,000
SR. Staff Information Security Engineer Inovant, LLC Ashburn, VA Jan 31, 2015 $124,654 -
$151,700
Senior Information Security Engineer EBAY Inc. San Jose, CA Apr 09, 2012 $124,000
SR. Information Security Engineer Fireeye, Inc. Milpitas, CA Nov 17, 2014 $121,867 -
$173,100
Senior Information Security Engineer Linkedin Corporation Mountain View, CA Oct 06, 2014 $121,867 -
$172,100
Senior Information Security Engineer Autodesk, Inc. San Francisco, CA Dec 04, 2013 $121,347 -
$178,000
Senior Information Security Engineer Autodesk, Inc. San Rafael, CA Oct 25, 2013 $121,347 -
$178,000
Senior IT Security Engineer Agero Administrative Service Corp. Medford, MA Mar 23, 2015 $120,000
Senior Information Security Engineer Ameriprise Financial, Inc. Minneapolis, MN Oct 08, 2016 $100,027 -
$144,100
SR. Information Security Engineer Inovant, LLC Ashburn, VA Feb 14, 2011 $98,405 -
$105,000
Senior Information Security Engineer LPL Financial LLC Charlotte, NC Jun 04, 2016 $97,074 -
$120,000
Senior Information Security Engineer Ameriprise Financial, Inc. Minneapolis, MN Jun 09, 2014 $96,100 -
$144,100
SR. Information Security Engineer American Airlines Fort Worth, TX Apr 27, 2016 $95,225 -
$133,541
Senior Information Security Engineer Alliant Technologies, LLC Monmouth Junction, NJ Dec 15, 2009 $95,000 -
$115,000
Senior Network/Information Security Engineer Innocore Solutions, Inc. Irving, TX May 15, 2015 $95,000
Senior Information Technology Security Engineer Compass Solutions, LLC Ashburn, VA Apr 22, 2010 $95,000

No Results

To get more results, try adjusting your search by changing your filters.

Show More

Top Skills for A Senior Information Security Engineer

VulnerabilityAssessmentsEnsureComplianceFirewallsSecurityInformationProceduresSecurityPoliciesWebIncidentResponseAssuranceSecurityServicesDODCyberWindowsDisaNistNetworkSecuritySiemRiskManagementIntrusionDetectionInformationSystems

Show More

Top Senior Information Security Engineer Skills

  1. Vulnerability Assessments
  2. Ensure Compliance
  3. Firewalls
You can check out examples of real life uses of top skills on resumes here:
  • Perform vulnerability assessments, security audits, and development of business continuity/disaster recovery procedures for clients.
  • Conduct regular audits to ensure compliance with established security standards.
  • Developed Minimum Security Baselines for Network Devices for all 250+ routers, switches and firewalls in the enterprise.
  • Created modified, and updated Intrusion Detection Systems (IDS) and Security Information Event Management (SIEM) tool rules.
  • Designed, evaluated, interpreted, and applied IT security regulations, policies, and procedures.

Top Senior Information Security Engineer Employers

Senior Information Security Engineer Videos

Network Engineer: Expectations vs Reality

A day in the life of IT security

Security and Privacy?

×