IT Security Engineer
Apply on
IT Security Engineer
Columbus, OH OR Iselin, NJ OR Westlake, TX OR Chandler, AZ
24 + Months
$55- $57/HR
Onsite Day 1: Hybrid Model: 3 Days Onsite Per Week!
Primary locations would be Columbus, OH and Iselin, NJ.
Secondary locations, include Westlake, TX, and Chandler, AZ.
Senior Information Security Engineer - Control Management
Description:
Information Security Engineering:
Covers jobs responsible for creating, and maintaining the security systems within network, including the computer systems and data, and identifying, formulating, and implementing policies and procedures to mitigate regulatory, operational, strategic and reputation risks.
About this role:
We are seeking a motivated Senior Information Security Engineer to join an exciting, fast paced team working on cutting edge encryption, tokenization and key management technologies that are leveraged to protect information companywide.
This role will provide technical support and be an individual contributor to teams that design, deploy, and operationally maintain cryptographic products and services.
The ideal candidate will have a solid understanding of Process, Risk and Control and experience with Risk Control Self Assessments (RCSA).
This role reports directly to the Product Manager of Critical Infrastructure within Secure Network Services.
In this role, you will:
Collaborate with, guide and counsel Critical Infrastructure process and control owners for Control Assurance requirements, including identifying where controls reside, oversight of control documentation changes, evaluating effectiveness and functioning as liaison to control assurance teams in 1st and 2nd Lines responsible for Testing.
Ensure a proper Critical Infrastructure profile of applicable regulations and associated controls as well as residual risks and compensating controls are maintained and continuously updated in appropriate systems of record on an ongoing basis.
Establish the inventory of all relevant business processes, governance channels, internal testing, audit, regulatory engagements and prioritize internal preparation, review routines and the integration with RCSA as applicable.
Establish regular routines with corporate risk, testing & validation and audit partners to provide transparency into business risk profile and trend.
Conduct risk assessments to evaluate the adequacy and effectiveness of policies, procedures, processes, systems, technology, and internal controls.
Provide reporting, written and verbal updates to Secure Network Services Leadership and Enterprise risk committees as issues/incidents arise that require escalation.
Deploy automation strategies for encryption, tokenization and key management products and services including Hardware Security Modules, security appliances and security applications deploying in physical, virtual and containerized environments.
Provide technical guidance and oversight to teams and team members responsible for product delivery and operational maintenance.
Support company driven audits, gather evidence of compliance to company policies, and drive product enhancements, when needed, to remediate findings.
Conduct technical investigation of incidents to identify causes and recommend future mitigation strategies.
Support incident response, root cause analysis and corrective action activities.
Required Qualifications:
2+ years of Risk Management or Financial Services Industry experience.
2+ years of Information Security Engineering experience
2+ years of intermediate to advanced level experience with scripting/automation using tools such as: Bash, PowerShell, Python, Ansible, VBScript, or JavaScript, UI path, etc.
2+ years of Linux and Windows server experience
Knowledge of Cryptographic protocols & algorithms.
Knowledge and understanding of implementing infrastructure upgrades, security patches, version upgrades for systems, appliances and HSM's.
Experience with Agile Scrum or Kanban methodologies.
Proven experience with change and incident management practices in medium to large enterprise environments.
Desired Qualifications:
Technical understanding of specific business operations, processes, products, and customer interactions where they manifest risk.
Demonstrated capacity to pro-actively and independently analyze and solve problems and address risks with the business unit's risk appetite and all risk and compliance program requirements.
Support the execution and maintenance of RCSA program which includes:
Identify risks applicable for the RAU.
Ensure data is up to date.
Identify items that are applicable to the RAU in the data provided.
Identify risk drivers.
Ensure process inventory is updated in the RCSA RAU
Assesses, documents, and communicates emerging risks, themes and identified control deficiencies to management and risk partners in a timely manner.
Foster strong relationships with team and collaborate effectively. Ensures coordination with team, line of business, other business units, Audit, and regulators on risk related topics.
Ensures internal collaboration with the team, line of business/ partners.
Interfaces internally with the team, line of business, and risk partners.
Timely update, reporting and escalation of issues.
Experience with DevOps and CI/CD automated build and deployment processes.
Experience with application support in Linux and Windows server environments.
Experience mentoring/guiding less experienced staff.
Strong analytical skills with high attention to detail and accuracy.
Advanced critical thinking, problem solving and technical troubleshooting abilities.
Security certifications such as CISSP, GIAC or equivalent.
Knowledge and understanding of implementing infrastructure upgrades, security patches, or version upgrades.
Experience with and the ability to thrive in a complex and fast-paced technology and/or information security organization, within a large enterprise environment.
Strong verbal, written, and interpersonal communication skills.
Job Expectations:
Ability to travel up to 10% of the time.
Ability to work onsite in the office in a hybrid model.
Dexian is a leading provider of staffing, IT, and workforce solutions with over 12,000 employees and 70 locations worldwide. As one of the largest IT staffing companies and the 2nd largest minority-owned staffing company in the U.S., Dexian was formed in 2023 through the merger of DISYS and Signature Consultants. Combining the best elements of its core companies, Dexian's platform connects talent, technology, and organizations to produce game-changing results that help everyone achieve their ambitions and goals.
Dexian's brands include Dexian DISYS, Dexian Signature Consultants, Dexian Government Solutions, Dexian Talent Development and Dexian IT Solutions. Visit to learn more.
Dexian is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status.
