Visit our website

logo

View all jobs

Information Security Engineer

Ashburn, VA · Information Technology

TaEx is partnering with a media services organization to identify a Senior Information Security Engineer.  This is a long term role located in Ashburn, VA.

Responsibilities:

  • Work within the GRC team to perform in-depth technical risk assessments of systems to determine risk level and mitigation strategies.
  • Work with the team to continuously improve the technology risk process and procedures
  • Communicate potential weaknesses and associated risks identified by the risk assessment and compliance process.
  • Develop action plans and/or recommend alternative solutions to resolve risks and exceptions.
  • Provide oversight to ensure tracking of remediation plans for timely closure of risk issues.
  • Provide security consulting and advisory services to business units and project teams.
  • Research and maintain a knowledge base regarding information security risks, issues, solutions and potential implications for our client.
  • Provide Security requirements for development teams as needed prior to application deployment.
  • Review vendor contracts for compliance with Security Policies and Standards and perform vendor risk assessments.

Required Qualifications

  • Bachelor’s degree or equivalent work experience and a proven track record in the field of information security and/or risk management.
  • 5 or more years of hands-on technology, risk, security and/or governance experience.
  • Must have in-depth knowledge of common information security topics, policies and standards.
  • Excellent verbal and written communication skills with the ability to understand business requirements.
  • Must be able to develop risk management strategies that align with business goals and objectives and protect the confidentiality, integrity and availability of information systems and data.
  • Project management experience on information security processes and within software development life cycles is desired.
  • Familiarity with measures and metrics used in risk assessment methods and/or vulnerability assessment processes.
  • One or more of the following certifications: CISSP, CISA, CISM, CRISC
  • Thorough technical knowledge of the following areas: IT Audits, IT Governance, Risk and Compliance, Information Security and/or Technical Privacy.
  • Solid organizational skills and strong customer service skills.

Desired Qualifications

Certification or hands on experience in one of the following areas:
  • Amazon Web Services (AWS) security or compliance knowledge
  • Knowledge of (or desire to learn) Application Security (OWASP) risks
  • Knowledge of (or desire to learn) Network Security
  • Desire to work in Security Awareness

Share This Job

Powered by