Logo
Aureon Consulting

Information Security Engineer

Aureon Consulting, Cedar, MI, United States

One of our favorite clients is actively seeking an Information Security Engineer on a permanent basis.

Responsibilities:

  • Develop and enforce security policies, standards, and procedures to ensure adherence to industry regulations and best practices.
  • Lead the design, implementation, and upkeep of enterprise-wide security solutions to defend against cyber threats and attacks.
  • Conduct thorough security assessments and risk analyses to identify and prioritize vulnerabilities and weaknesses in systems and infrastructure.
  • Act as a subject matter expert on security-related technologies, including SIEM, IDS/IPS, firewalls, endpoint security, and encryption.
  • Oversee incident response activities, including threat detection, containment, eradication, and recovery, ensuring timely resolution of security incidents.
  • Collaborate with IT and development teams to incorporate security controls into the software development lifecycle and DevOps processes.
  • Investigate security breaches and incidents, providing detailed reports on root cause and remediation steps.
  • Stay current with industry standards, emerging cyber threats, and best practices, making recommendations to enhance security.
  • Conduct regular assessments and vulnerability scans to identify potential risks and weaknesses.
  • Create and deliver security awareness training sessions for all team members.
  • Participate in all response, recovery, and analysis efforts as needed.

Qualifications:

  • Proven experience designing and implementing security solutions in complex environments.
  • Expertise in networking, network protocols, operating systems, and security technologies, with a strong understanding of security principles and best practices.
  • Demonstrated experience with security assessment tools, penetration testing, and vulnerability management.
  • Hands-on experience with cloud security platforms (e.g., AWS, Azure, GCP) and container security technologies.
  • Strong leadership and communication skills, with the ability to effectively collaborate with cross-functional teams and influence stakeholders at all levels.
  • Relevant certifications such as CISSP, CISM, CEH, or GIAC are highly desired.
  • Experience in regulated industries (e.g., finance, healthcare) and familiarity with compliance frameworks (e.g., NIST, PCI DSS, GDPR) is a plus.

Does this sound like you? Would you like to hear more details? Apply here!