Information Security Engineer
Overview:
The Salvation Army, an international movement, is an evangelical part of the universal Christian Church. Its message is based on the Bible. Its ministry is motivated by the love of God. Its mission is to preach the gospel of Jesus Christ and to meet human needs in His name without discrimination.
We are the largest non-governmental provider of social services in America and every year, we help over 30 million Americans overcome poverty, homelessness, addiction, economic hardships, loneliness, and exploitation through a wide range of programs and services.
The Information Security Engineer plays a crucial role within the IT and Security Department, and is responsible for designing, implementing, and maintaining security measures that protect the organization’s computer systems, networks, and data from cyber-attacks and/or unauthorized access of the organization’s data.This position is instrumental in supporting the Incident Manager, Information Security Director, and mentoring the Security Analysts. The engineer’s responsibilities include assisting in the development
of organizational security policies and procedures.
This position requires approximately 35 hours of work per week and may be eligible for a hybrid work arrangement.
Responsibilities:
The core responsibilities of this position are as follows:- Design and Implement Network Security Processes
o Implementation of firewalls, intrusion detection systems and other security measures to prevent
unauthorized access to the network.o Identify security risks and develop strategies to mitigate these risks.
o Remain abreast of all current security threats and ensure all security processes remain effective.
- Monitor and Evaluate Network Security
vulnerabilities that could be exploited by malicious actors.
o Monitor network traffic and analyze security logs using existing tools to detect suspicious activity
and respond to security incidents managed by the Incident Manager in a timely and effective
manner.
o Assist in evaluation and implementation of additional security tools as needed and developingprocesses and procedures for their use.
- Provide Technical Support
o Provide technical support and guidance to other members of the organization.
o Assist in training staff members on security best practices, troubleshooting security issues andresponding to security incidents. technical support.
o Ability to communicate complex technical information in a clear and concise manner.
- Security Awareness and Training
management, and recognizing phishing attempts and other social engineering tactics.
o Assess the effectiveness of the training across the territory and create training sessions for
employees across various departments (e.g., ARCC, Finance, CRD, HR) relevant to the sensitive
data they handled, ensuring they understand their roles in maintaining cybersecurity.
o Stay informed about new security awareness training methods and technologies to enhance theeffectiveness of training programs.
- Compliance and Best Practices Implementation
compliance standards (e.g., NYSHIELD, GDPR, HIPAA, PCI-DSS).
o Creating and updating security policies and procedures to align with best practices and ongoing
compliance requirements.
o Assist the Information Security Director by participating in internal and external audits, providingnecessary documentation and evidence of compliance where warranted.
- Threat Intelligence and Research
o Actively follow cybersecurity news, trends, and threat intelligence reports to stay ahead of the
organization's potential security threats.o Lead internal threat intelligence by analyzing and summarizing current threats, vulnerabilities, and attack methodologies.
o Engage with cybersecurity communities and forums to exchange knowledge and stay informedabout emerging cybersecurity technologies and practices.
- Tools and Technologies Management
the organization's security posture.
o Ensure proper configuration, maintenance, and update of security tools to optimize theireffectiveness and efficiency.
Qualifications:
Bachelor's degree from four-year college or university.- 5 years of related experience.
- Cybersecurity training / certifications – CISSP, CISM, Security+, or equivalent is preferred.
- Proficient in using SIEM systems, endpoint security solutions, and network monitoring tools.
- Awareness of regulatory compliance standards relevant to cybersecurity (e.g., NYSHIELD, GDPR,
- Excellent analytical and problem-solving skills.
- Stays informed of trends in the industry through news and events (e.g., threat intelligence and
- Demonstratable passion for the field of cybersecurity through consistent learning and engagement
certifications, etc.)
- Strong communication and collaboration abilities across various levels and departments.
- Generous Medical, Dental, Vision Benefits
- TSA paid Life Insurance for Employees
- Additional life insurance options for employees
- On-site cafeteria
- Paid Time Off – Vacation, Sick, Personal day
- 403(b) retirement savings plan
- Non-contributory Pension Plan
- Professional Development
- Education Assistance
- Free, on-site Fitness Center
- Federal holidays
- Opportunities to give back and support our communities
All qualified applicants will receive consideration for employment without regard to race, color, sex, national origin, disability or protected veteran status.