Logo for eTrepid Inc.

Information Security Engineer

eTrepid Inc.

Roles & Responsibilities

  • BS degree in Computer Science or related field or equivalent experience.
  • CISSP certification is required, with additional certifications like CISA, CISM, CEH, or GIAC preferred.
  • At least 8 years of experience in security analysis, including network and endpoint security.
  • Strong knowledge of security frameworks, cloud security, and incident response techniques.

Requirements:

  • Design, implement, and monitor security controls across systems and cloud platforms.
  • Support incident response, vulnerability management, and security assessments.
  • Develop and enforce security standards, procedures, and training programs.
  • Collaborate with vendors and internal teams to enhance security posture.

Job description

Company Description

eTrepid is an Awardwinning Veteran Owned Managed Security Service Provider (MSSP) located in and certified by the state of Maryland. We provide complete and comprehensive fully Managed Cyber Solutions that deliver on all five tenants of the NIST framework. eTrepid also remains on the forefront of industry changes such as regulations associated with the Cybersecurity Maturity Model Certification (CMMC).

The sun never sets on eTrepid, partnering with global leaders in IT enables our client systems to be monitored and serviced by seasoned and certified professionals in real time 24 hours a day, seven days a week, 365 days a year. We can even put boots on the ground in all 50 states.

Job Description

Job Overview:

As a member of the Information Security Program Team, the Information Security Engineer is responsible for participating in all aspects of planning, deploying, documenting, monitoring, & maintaining the layered security to protect the confidentiality, integrity, and availability within the corporate and client facing infrastructures. This position will focus on protecting system boundaries, keeping systems and infrastructure hardened against attacks and securing highly sensitive data, along with securing user and computer identities.

Key Responsibilities:

  • Perform engineering, tuning, and provide guidance of network security controls & hardening including IDSIPS, Web Filtering, Cloud Technologies, EmailSpam, and Firewalls.
  • Perform engineering, tuning, and guidance to the Information Security Team for incident response & SIEM management.
  • Experienced in cloud security and compliance for Azure and AWS.
  • Manage and support Identity and Access Management.
  • Support the investigation and resolution of security incidents.
  • Perform Security User Awareness Training and Phishing campaigns.
  • Perform vulnerability management as well as support penetration testing and remediation.
  • Perform engineering, tuning, & provide guidance of mobile & endpoint security controls & hardening including AV, Endpoint Detection & Response, DLP, & encryption.
  • Translate security controls and requirements into system specification requirements.
  • Perform 3rd party vendor risk management assessments.
  • Plan, develop, and enhance security standards, requirements gathering, and engineer security solutions across the risk and technology portfolio.
  • Assist in designing computer security architecture and develop detailed cyber security designs.
  • Engineer, implement and monitor security measures for the protection of computer systems, storage, infrastructure, and cloud applications.
  • Define system security requirements, identify vulnerabilities, and coordinate remediation plans.
  • Support and coordinate risk assessments and security evaluations for vendors deploying solutions either on premise or in the cloud.
  • Participate in proof of concepts and other technical evaluations of technologies, designs and solutions and provide recommendations.
  • Plan and coordinate the deployment of security and vulnerability patching to all computer systems.
  • Prepare and document standard operating procedures and standards.
  • Develop technical solutions and select and implement new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
  • Write comprehensive reports including assessmentbased findings, outcomes, and propositions for further system security enhancement.
  • Planautomatedeploy new infrastructure and security capabilities.
  • Participates in security awareness trainings, webinars, and podcasts designed as a Subject Matter Expert (SME).
  • Adept at Presenting inperson and virtual to customers, partners, and executives.
    • Qualifications

      Eligibility Requirements:

      • BS degree in Computer Science, Information Systems or equivalent experience preferred.
      • CISSP certification required.
      • Industry certifications preferred: CISA, CISM, CEH, GIAC, or equivalent.
      • 8+ years of relevant experience focusing on security analysis.
      • 3+ years of experience performing Network Security with expertise configuring Firewalls, Network IDPS systems, DataLoss Prevention (DLP), VPN, ProxyWeb content filtering, WAF, NAC, ZeroTrust, GREIPSec, andor Network segmentation.
      • Experience managing and configuring Vulnerability Management tools, Cloud Security (including CASB & M365), Identity and Access Management tools, andor MultiFactor authentication
      • 3+ years of experience performing Endpoint Security with expertise configuring AV andor MDREDR solutions, hardening Windows Server and Workstation OS, andor MDM and Mobility.
      • Experience performing SIEM management and tuning, incident response, forensics, playbook development, andor SOAR tools.
      • Ability to employ procedures, methods, and tools for identifying, representing, and formally assessing the important aspects of alternative decisions (options) to make an optimum (e.g. best possible) decision.
      • Experience with IT governance andor risk.
      • Strong knowledge of network & infrastructure security architecture.
      • Experience working with Linux and Windows operating systems.
      • Experience with Microsoft Azure, IaaS, PaaS, SaaS, NaaS platforms
      • Detailed and thorough knowledge of incident analysis and response concepts and techniques, including incident tracking process, root cause, lessons learned and process improvements.
      • Knowledge of compliance standards and security frameworks (COBIT, NIST, HIPAA, ISO270012, OWASP, PCI)
      • Knowledge of security regulations, frameworks and security requirements that impact SMB market (GLBA, HIPAA, PCI, NIST 800171, NIST 80053, NIST CSF, CMMC)
      • Excellent analytical and problemsolving skills with the ability to work under pressure.
      • High level of personal integrity, with the ability to professionally handle confidential matters while leveraging the appropriate level of judgment.
      • Strong interpersonal and communication skills.
      • Ability to work well under stressful environments.
      • Ability to work extended hours and weekends when required.
        • Additional Information

          If you have an interest and meet these requirements, we encourage you to apply online!

          • Must be a United States citizen to Apply.

          • Ability to gain a security clearance.

          • EOE Principles only.

Ready to apply?
APPLY
Β·

Information Security Analyst Related jobs

Maryland (USA)Information Security Analyst

Other jobs at eTrepid Inc.

We help you get seen. Not ignored.

We help you get seen faster β€” by the right people.

πŸš€

Auto-Apply

We apply for you β€” automatically and instantly.

Save time, skip forms, and stay on top of every opportunity. Because you can't get seen if you're not in the race.

✨

AI Match Feedback

Know your real match before you apply.

Get a detailed AI assessment of your profile against each job posting. Because getting seen starts with passing the filters.

Upgrade to Premium. Apply smarter and get noticed.

Upgrade to Premium

Join thousands of professionals who got noticed and hired faster.