This site uses cookies. To find out more, see our Cookies Policy

Information Security Engineer in Chicago, IL at Solution Partners

Date Posted: 10/27/2017

Job Snapshot

  • Employee Type:
  • Location:
    Chicago, IL
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:

Job Description

Position Summary
The Information Security Engineer position is primarily responsible for implementing and maintaining various technologies to ensure the security of the company's systems. Thorough understanding on both product based solutions and fundamental security best practices are vital to this role. The Information Security Engineer will also be responsible for providing technical leadership for strategic projects and initiatives on the security roadmap as well as participating in more general network security and architectural efforts. Furthermore, the Information Security Engineer will collaborate with other Engineers and SMEs to apply and support best practices for security, server building, change management, account management, documentation, and user experience management.

Ongoing Tasks and Responsibilities
- Design, implement, administer, troubleshoot, and support security infrastructure on our network, including the following:
- Multicontext firewalls and clustering
- Intrusion detection and prevention
- Vulnerability management
- Centralized log management
- Data Loss Prevention
- Content Filtering
- VMWare and Microsoft Windows systems
- Non-Windows authentication controls, i.e., cloud-based identity management, Cisco, and Palo Alto Networks
- Collaborate with other staff in Information Services to ensure that security standards are developed and enforced in the course of implementing or upgrading firm technology, educating others on security best practices.
- Demonstrate awareness of security best practices across common technologies, advocating for additional controls as necessary to ensure optimal security. Examples of technologies to be addressed include the following:
- Active Directory
- Group Policy
- Windows desktop systems and "locked down" desktop management
- VMWare and Microsoft Windows Server systems
- Non-Windows authentication controls, i.e., cloud-based identity management, Cisco, and Palo Alto Networks
- Two-factor authentication
- Network access control
- Participate fully in all efforts to develop security policies and meet client or other compliance requirements. Lead efforts to document security standards and procedures, demonstrating best practices to auditors or reviewers.
- Review business processes, recommend and implement supportable security changes, including any relevant tools to better secure those processes.
- Evaluate, implement, and enforce security practices around mobile and remote solutions, including Citrix, VPN, and MDM.
- Maintain and coordinate incident response planning, assisting in execution of the incident response plan as needed.
- Investigate actual and suspected security breaches.
- Ensure consistent policies are applied to any hosted or cloud-based services being utilized by the firm.
- Conduct log review and reporting on security devices and identified Windows systems.
- Generate evidence for compliance/audit.
- Work with vendors as necessary to supplement our security capabilities and recommend their use when appropriate.
- Provide backup assistance for other Network Operations team members as necessary.
- Assistance with all projects and tasks related to the firm as directed by the Network Operations Manager

Qualifications and Education
- Bachelor's degree, preferably in a computer-related field
- 5+ years' experience in Information Security or related field
- SANS Institute GCIA, GCFW or GCIH preferred; other SANS certifications considered
- Working knowledge of compliance frameworks, such as COBIT, ITIL, NIST or ISO 27001/2
- CISSP or GIAC certification preferred
- Experience with Trend Micro, Palo Alto Networks, Splunk, Rapid7 Nexpose preferred
- Experience in the legal market a plus
- Effective communication skills, both written and oral. Strong interpersonal skills required to communicate with all other IS members, members of the firm (users of systems), and clients. Must have customer service attitude and ability to work well with other groups.
- Superior understanding of the firm's goals and objectives, with demonstrated ability to apply technology in solving business problems
- Strong organizational skills, capability to schedule and coordinate multiple activities in results-oriented environment. Initiative and ability to enforce policies and procedures through influence.
- Must subscribe to being highly available and responsive to occasional after-hours issues, as the firm operates on a near 24x7 basis.