A Security Engineer builds and maintains IT security solutions for an organization. In this intermediate-level position, you will be developing security for your company’s systems & projects and handling any technical problems that arise. Security engineers identify IT threats and software vulnerabilities, build and test robust security systems (e.g. firewalls) and serve as the “security point person” on policies & procedures.
It’s a job that often requires an in-depth knowledge of hard skills (e.g. secure network architectures, secure coding practices, protocols, etc.) and a fair amount of previous work experience. As always, the scope of a security engineer’s job responsibilities will depend on the size and complexity of the organization.
- Create new ways to solve existing production security issues
- Configure and install firewalls and intrusion detection systems
- Perform vulnerability testing, risk analyses and security assessments
- Develop automation scripts to handle and track incidents
- Investigate intrusion incidents, conduct forensic investigations and mount incident responses
- Collaborate with colleagues on authentication, authorization and encryption solutions
- Evaluate new technologies and processes that enhance security capabilities
- Test security solutions using industry standard analysis criteria
- Deliver technical reports and formal papers on test findings
- Respond to information security issues during each stage of a project’s lifecycle
- Supervise changes in software, hardware, facilities, telecommunications and user needs
- Define, implement and maintain corporate security policies
- Analyze and advise on new security technologies and program conformance
- Recommend modifications in legal, technical and regulatory areas that affect IT security
