Information Security & Risk Engineer

JOB SUMMARYThe Information Security and Risk Engineer role leads collaboration, design, development, and implementation of enterprise information security architectures, solutions, and policies. Role may focus on technical or administrative aspects of security or encompass a mixture of both.Information Security and Risk develops, implements, and enforces security controls to protect the organization's technology assets from intentional or inadvertent modification, disclosure, or destruction. This job family develops system back-up and disaster recovery plans. Information Technology also conducts incident response, threat management, vulnerability scanning, virus management and intrusion detection and completes risk assessments.ESSENTIAL DUTIES & RESPONSIBILITIESApplies comprehensive knowledge and a thorough understanding of concepts, principles, and technical capabilities to perform varied tasks and projects.Contribute to the development of policies and procedures.Develops technical solutions to a wide range of difficult problems. Solutions are innovative and consistent with organization objectivesCompletes work independently receives general guidance on new projectsWork reviewed for purpose of meeting objectivesServe as an information security expert, helping project teams comply with enterprise and IT security policies, regulations, and recommend strategic solutions. Recommend mitigation steps to reduce business impact of emerging information security threats and vulnerabilitiesSeek opportunities to research, design, and advocate new technologies, architectures, products, policies, processes or procedures that will support security requirements for Outcomes, business partners, and vendorsEnsure accurate and timely reporting; prepare specialized and ad hoc reportsMay act as a mentor to less experienced colleaguesKNOWLEDGE & REQUIREMENTS• Familiarity with information security concepts, relevant tools and standards• Knowledge of Microsoft Office Suite, Excel skills• Knowledge of information security principles related to Confidentiality and Integrity, Availability (CIA)• Demonstrated experience with systems and data query tools• Demonstrated team performance skills, service mindset approach, and the ability to act as a trusted advisorEDUCATION & EXPERIENCE REQUIREMENTS• Minimum years of work experience: 5 years Information Technology sector experience or equivalent• Minimum level of education or education/experience: Bachelors or equivalent work experiencein computer science, information technology, or a related field• One or more Information Security Certifications preferred: CISSP, CSSLP, CISM, CCSP, GSLC, GSEC, CISA, SSCP, Security+ or other

Created: 2026-05-08