Information Security Engineer

Aureon Consulting • Cedar Rapids, IA, US • 1d ago

One of our favorite clients is actively seeking an Information Security Engineer on a permanent basis.

Responsibilities:

Develop and enforce security policies, standards, and procedures to ensure adherence to industry regulations and best practices.
Lead the design, implementation, and upkeep of enterprise-wide security solutions to defend against cyber threats and attacks.
Conduct thorough security assessments and risk analyses to identify and prioritize vulnerabilities and weaknesses in systems and infrastructure.
Act as a subject matter expert on security-related technologies, including SIEM, IDS/IPS, firewalls, endpoint security, and encryption.
Oversee incident response activities, including threat detection, containment, eradication, and recovery, ensuring timely resolution of security incidents.
Collaborate with IT and development teams to incorporate security controls into the software development lifecycle and DevOps processes.
Investigate security breaches and incidents, providing detailed reports on root cause and remediation steps.
Stay current with industry standards, emerging cyber threats, and best practices, making recommendations to enhance security.
Conduct regular assessments and vulnerability scans to identify potential risks and weaknesses.
Create and deliver security awareness training sessions for all team members.
Participate in all response, recovery, and analysis efforts as needed.

Qualifications:

Proven experience designing and implementing security solutions in complex environments.
Expertise in networking, network protocols, operating systems, and security technologies, with a strong understanding of security principles and best practices.
Demonstrated experience with security assessment tools, penetration testing, and vulnerability management.
Hands-on experience with cloud security platforms (e.g., AWS, Azure, GCP) and container security technologies.
Strong leadership and communication skills, with the ability to effectively collaborate with cross-functional teams and influence stakeholders at all levels.
Relevant certifications such as CISSP, CISM, CEH, or GIAC are highly desired.
Experience in regulated industries (e.g., finance, healthcare) and familiarity with compliance frameworks (e.g., NIST, PCI DSS, GDPR) is a plus.

Does this sound like you? Would you like to hear more details? Apply here!