Information Security Engineer II

San Diego, California


As an Information Security Engineer II at ICW Group, you'll have the opportunity to make a significant impact on our Information Security team. This position exists to design secure architectures and develop cyber security approaches and techniques to evaluate the security of our systems and networks. This person will be a key team member monitoring and defending ICW Group's technology against potential threats that jeopardize the financial growth and security goals of the Company.

Essential Duties and Responsibilities

Monitors and defends information systems against unauthorized access, modifications and/or destruction

  • Monitors networks and systems for security breaches through the use of software that detects intrusions and anomalous system behavior, and develops strategies to respond to and recover from a security breach.
  • Leads security incident response, including preparation, detection, analysis, containment, eradication and recovery.
  • Researches and implements methods to remediate network and application security vulnerabilities.
  • Participates in security architecture controls reporting, compliance audits, monthly and ad-hoc statistics and trends, and risk-focused reports including internal and 3rd party Risk Assessments.

Runs complex security related projects and resolves security related issues

  • Resolves complex security projects and issues. Develops a set of security standards to respond to and recover from a security breach.
  • Provides support by proposing solutions, coordinating implementation, and enforcing information systems security policies, standards, and methodologies.
  • Uses advanced technologies including Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls, SIEM, Antivirus, Network Packet Analyzers, Malware analysis and forensics tools to detect intrusions, breaches in compliance, etc.
  • Prepares and analyzes system security reports by collecting, analyzing, and summarizing data and trends.
  • Maintains operational security posture for an information system or program to ensure information system security policies, standards, and procedures are established and followed.

Serves as cyber security technical subject matter trainer and resource for the organization

  • Provides information security expertise to system development teams throughout the life cycle process.
  • Partners with systems engineering teams to ensure system design and implementation are consistent with company policies, requirements and directives.
  • Conducts information security risk assessments including documenting processes, service level agreements and best practices.
  • Develops the overall security design, development, testing and implementation of security solutions. Recommends compliance strategies that support customer requirements and alignment to company policy.
  • Ensures security quality, adherence to security guidelines, profitability, and information security related metrics for self and assigned projects.

Supervisory Responsibilities


Education and Experience

Bachelor's Degree from a four-year college or university required, with major or emphasis in an Engineering, Cyber security, Networking, or Computer Science related discipline. Minimum 6 years of experience working in a security engineering related role designing secure networks, systems and application architectures or equivalent combination of education and experience. Direct experience using advanced technologies such as Intrusion Detection & Prevention Systems (IDS/IPS), Firewalls, SIEM, Antivirus software, Network Packet Analyzers, content filtering, Malware analysis and forensics tools to detect intrusions. Experience in a cyber security role requiring knowledge of data analysis, risk assessment, risk mitigation, investigation methods, incident management concepts and practices, and policy and procedure development.

Certificates, Licenses, Registrations

Certification in GSEC, CISSP, and/or Security+ preferred.

Knowledge and Skills

Knowledge of risk assessment tools, technologies and methodologies. Knowledge of disaster recovery, computer forensic tools, technologies and methods. Ability to communicate network security issues to peers and management. Ability to read and use the results of mobile code, malicious code, and anti-virus software. Strong understanding of endpoint security solutions to include File Integrity Monitoring and Data Loss Prevention. Ability to work with mathematical concepts such as probability and statistical inference. Ability to apply principles of logical or scientific thinking to a wide range of intellectual and practical problems. Ability to combine disparate skills and thinking to craft solutions and solve complex operational problems. Ability to hypothesize on root cause of inefficiencies and then test out probable solutions against those hypotheses. Ability to read, analyze, and interpret technical journals, financial reports, security analysis reports and other IT related documents. Ability to respond to common inquiries or complaints from customers, regulatory agencies, or members of the business community. Must be able to read, write and speak English effectively.

Physical Requirements

Office environment with no specific or unusual physical or environmental demands. Employees are regularly required to sit, walk, stand, talk, and hear. Employees are required to reach with hands and arms; stoop, kneel, crouch, or crawl. Employees must occasionally lift and/or move up to 30 pounds. Employees are required to have visual acuity and be capable of operating and viewing computers and other electronic devices for extended periods of time.

Work Environment

This position operates in an office environment and requires the frequent use of a computer, telephone, copier, and other standard office equipment.