Information Security Engineer

Operations - US Chicago, Illinois


Description

Information Security Engineer

We’re passionate, we’re collaborative and we are growing.

AArete is looking for an Information Security Engineer. You are highly technical with an entrepreneurial spirit and commitment to excellence. You strive in a team environment and have the ability to flip tasks and priorities midstream because you love an exciting challenge. The bar is set high at AArete. There is a lot to do around here and you love getting the job done right.

At AArete we live and breathe to provide the best experience to our clients each and every day. We are fresh, passionate, have tons of energy, and love what we do – provide non- labor cost reduction solutions and wow our clients with impeccable service.

Why AArete? AArete’s mission is to increase client profitability while improving the capabilities of our clients’ people. We believe that any organization can succeed by enriching and empowering its people. Our own people empower our vision to be a premier global management consulting firm that Fortune 500 and leading organizations trust.

Primary Responsibilities:

 

  • Perform highly-specialized review & evaluation of incoming cybersecurity information to determine its usefulness and impact on AArete
  • Provide support, administration, and maintenance necessary to ensure effective & efficient information technology system performance and security
  • Identify, analyze, and mitigate threats to internal information technology systems or networks

Tasks:

 

  • Maintain baseline system security according to organizational policies
  • Manage accounts, network rights, and access to systems and equipment
  • Design access control lists to ensure compatibility with organizational standards, business rules, and needs
  • Provide ongoing optimization and problem-solving
  • Analyze data sources to provide actionable recommendations
  • Assess the validity of source data and subsequent findings
  • Present technical information to technical and non-technical audiences
  • Present data in creative formats
  • Provide actionable recommendations to stakeholders based on data analysis and findings
  • Oversee installation, implementation, configuration, and support of system components
  • Answer requests for information
  • Conduct in-depth research and analysis
  • Provide input and assist in the development of plans and guidance
  • Maintain infrastructure within a cloud environment

Knowledge, Skills, and Abilities:

 

  • Ability to communicate complex information concepts, or ideas in a confident and well-organized manner through verbal, written, and/or visual means.
  • Ability to develop, update, and/or maintain policies & procedures
  • Ability to operate common network tools
  • Ability to collaborate effectively with others
  • Ability to develop or recommend analytic approaches or solutions to problems and situations for which information is incomplete or which no precedent exists
  • Ability to effectively collaborate both in-person and virtually
  • Ability to function in a collaborative environment, seeking continuous consultation with subject matter experts to leverage analytical and technical expertise.
  • Ability to apply cybersecurity and privacy principles to organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation)
  • Ability to establish and maintain automated security control assessments
  • Knowledge of computer networking concepts and protocols, and network security methodologies
  • Knowledge of risk management processes (e.g., methods for assessing and mitigating risk)
  • Knowledge of laws, regulations, policies, and ethics as they relate to cybersecurity and privacy
  • Knowledge of cybersecurity and privacy principles
  • Knowledge of cyber threats and vulnerabilities
  • Knowledge of specific operational impacts of cybersecurity lapses
  • Knowledge of the basics of network security (e.g., encryption, firewalls, authentication, honey pots, perimeter protection, etc.)
  • Knowledge of command-line tools and PowerShell
  • Knowledge of organizational information technology user security policies (e.g., account creation, password rules, access control, etc.)
  • Knowledge of Personal Health Information (PHI) data security standards
  • Knowledge of attack methods and techniques (DDoS, brute forcing, spoofing, etc.)
  • Knowledge of common computer/network infections (virus, Trojan, etc.) and methods of infection (ports, attachments, etc.)
  • Knowledge of the ways in which malicious actors use the Internet
  • Knowledge of the basics of cloud (AWS) security
  • Skill in interfacing with clients and colleagues
  • Skill in evaluating information for reliability, validity, and relevance
  • Skill in identifying cyber threats which may jeopardize organizational interests
  • Skill in preparing and presenting briefings
  • Skill in utilizing feedback to improve processes, products, and services
  • Skill to identify sources, characteristics, and uses of the organization’s data assets
     

Requirements:

  • Technology-focused degree is preferred but not required
  • Professional certifications such as GSEC, GCIH, SSCP, Security+, CEH, or others are preferred but not required
  • Experience working with AWS is strongly preferred
  • 1 to 3 years of experience working in an information security role is required

 

Curiosity piqued? Learn more about us!

  • Forbes 2021 list of Best Management Consulting Firms
  • Vault’s Top 50 Firms to Work For
  • Crain's Chicago Business Fast 50 for a 3rd year
  • Inc 5000’s Fastest Growing Firms list for the 4th consecutive year
  • Consulting Magazine's Fastest Growing Firms for the 4th consecutive year
  • AArete acquired DsquaredI in September 2020
  • AArete acquired Third (i) Technologies in 2019