Security Engineer (Compliance and Inventory Management)
Duration: 12 Months
Location: Remote
We are seeking a dedicated and experienced Security Engineer with a strong focus on compliance and inventory management to join our Information Security team. The ideal candidate will have extensive knowledge and handson experience with Tenable or other inventory management tools and a solid understanding of regulatory compliance requirements. This role will be instrumental in ensuring our IT infrastructure is secure compliant with industry standards and efficiently managed.
Key Responsibilities:
- Compliance Management:
- Ensure adherence to regulatory compliance standards such as GDPR HIPAA PCIDSS and SOX.
- Conduct regular compliance audits and assessments.
- Develop and implement compliance policies and procedures.
- Collaborate with internal and external auditors to provide necessary documentation and responses.
- Inventory Management:
- Utilize Tenable or similar tools to manage and maintain an accurate inventory of all IT assets.
- Ensure all assets are properly documented and tracked.
- Regularly update and review inventory records to ensure accuracy.
- Identify and mitigate risks associated with asset management.
- Security Operations:
- Monitor and analyze security alerts and incidents.
- Conduct vulnerability assessments and penetration testing.
- Develop and implement security measures to protect IT infrastructure.
- Participate in the incident response process including investigation and remediation.
- Risk Management:
- Identify assess and prioritize security risks.
- Develop and implement risk mitigation strategies.
- Conduct regular risk assessments and security reviews.
- Collaboration and Communication:
- Work closely with IT legal and business teams to ensure security and compliance requirements are met.
- Provide training and guidance to employees on security best practices and compliance requirements.
- Prepare and present security reports to management.
- Continuous Improvement:
- Stay updated with the latest security trends technologies and regulatory changes.
- Recommend and implement improvements to security policies procedures and technologies. Qualifications:
- Education:
- Bachelor s degree in Computer Science Information Technology Cybersecurity or a related field. A master s degree is a plus.
- Experience:
- Minimum of 35 years of experience in information security with a focus on compliance and inventory management.
- Proven experience with Tenable or other inventory management tools. Cetero and or Graylog
- Strong knowledge of regulatory compliance requirements and standards.
- Skills:
- Excellent understanding of security frameworks such as NIST ISO 27001 and CIS Controls.
- Proficiency in vulnerability management and penetration testing tools.
- Certifications:
- Relevant certifications such as CISSP CISM CISA CEH or similar are highly desirable
We are seeking a dedicated and experienced Security Engineer with a strong focus on compliance and inventory management to join our Information Security team. The ideal candidate will have extensive knowledge and hands-on experience with Tenable or other inventory management tools, and a solid understanding of regulatory compliance requirements. This role will be instrumental in ensuring our IT infrastructure is secure, compliant with industry standards, and efficiently managed. Key Responsibilities: Compliance Management: Ensure adherence to regulatory compliance standards such as GDPR, HIPAA, PCI-DSS, and SOX. Conduct regular compliance audits and assessments. Develop and implement compliance policies and procedures. Collaborate with internal and external auditors to provide necessary documentation and responses. Inventory Management: Utilize Tenable or similar tools to manage and maintain an accurate inventory of all IT assets. Ensure all assets are properly documented and tracked. Regularly update and review inventory records to ensure accuracy. Identify and mitigate risks associated with asset management. Security Operations: Monitor and analyze security alerts and incidents. Conduct vulnerability assessments and penetration testing. Develop and implement security measures to protect IT infrastructure. Participate in the incident response process, including investigation and remediation. Risk Management: Identify, assess, and prioritize security risks. Develop and implement risk mitigation strategies. Conduct regular risk assessments and security reviews. Collaboration and Communication: Work closely with IT, legal, and business teams to ensure security and compliance requirements are met. Provide training and guidance to employees on security best practices and compliance requirements. Prepare and present security reports to management. Continuous Improvement: Stay updated with the latest security trends, technologies, and regulatory changes. Recommend and implement improvements to security policies, procedures, and technologies. Qualifications: Education: Bachelor s degree in Computer Science, Information Technology, Cybersecurity, or a related field. A master s degree is a plus. Experience: Minimum of 3-5 years of experience in information security, with a focus on compliance and inventory management. Proven experience with Tenable or other inventory management tools. Cetero and or Graylog Strong knowledge of regulatory compliance requirements and standards. Skills: Excellent understanding of security frameworks such as NIST, ISO 27001, and CIS Controls. Proficiency in vulnerability management and penetration testing tools. Certifications: Relevant certifications such as CISSP, CISM, CISA, CEH, or similar are highly desirable