Boostt

Information Security Engineers

15-1299.05

Develop and oversee the implementation of information security procedures and policies. Build, maintain and upgrade security technology, such as firewalls, for the safe use of computer networks and the transmission and retrieval of information. Design and implement appropriate security controls to identify vulnerabilities and protect digital files and electronic infrastructures. Monitor and respond to computer security breaches, viruses, and intrusions, and perform forensic investigation. May oversee the assessment of information security systems.

Sample of reported job titles: AI Security Specialist (Artificial Intelligence Security Specialist), Application Security Administrator, Applications Engineer, Automotive Security Engineer, Blue Team Member, Cloud Engineer, Cloud Security Architect, Cloud Security Engineer, Communications Security Manager (COMSEC Manager), Cyber Defense Incident Responder, Cyber Defense Infrastructure Support Specialist, Cyber Security Engineer, Cyber Security Threat Engineer, Cybersecurity Engineer, Cybersecurity Hardware Engineer, Cybersecurity Software Developer, Cybersecurity Software Engineer, Information Architect, Information Assurance Engineer, Information Security Administrator, Information Security Architect, Information Security Consultant, Information Security Engineer, Information Security Loss Prevention Engineer, Information Security Management Engineer, Information Systems Security Developer, Information Systems Security Engineer, Information Systems Security Scientist, IT Administrator (Information Technology Administrator), IT Architect (Information Technology Architect), IT Security Engineer (Information Technology Security Engineer), Mobile Security Engineer, Network Engineer, Network Security Engineer, Red Team Member, Security Administrator, Security Engineer, Security Operations Center Manager (SOC Manager), System Security Analyst, Systems Engineer, Systems Security Engineer

Occupation-Specific Information

Tasks

Assess the quality of security controls, using performance indicators.
Conduct investigations of information security breaches to identify vulnerabilities and evaluate the damage.
Coordinate documentation of computer security or emergency measure policies, procedures, or tests.
Coordinate monitoring of networks or systems for security breaches or intrusions.
Coordinate vulnerability assessments or analysis of information security systems.
Develop information security standards and best practices.
Develop or implement software tools to assist in the detection, prevention, and analysis of security threats.
Develop or install software, such as firewalls and data encryption programs, to protect sensitive information.
Develop response and recovery strategies for security breaches.
Identify or implement solutions to information security problems.
Identify security system weaknesses, using penetration tests.
Oversee development of plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure or to meet emergency data processing needs.
Oversee performance of risk assessment or execution of system tests to ensure the functioning of data processing activities or security measures.
Provide technical support to computer users for installation and use of security products.
Recommend information security enhancements to management.
Review security assessments for computing environments or check for compliance with cybersecurity standards and regulations.
Scan networks, using vulnerability assessment tools to identify vulnerabilities.
Train staff on, and oversee the use of, information security standards, policies, and best practices.
Troubleshoot security and network problems.
Write reports regarding investigations of information security breaches or network evaluations.

Technology Skills

Access software - IBM Tivoli software
Application server software - Docker 🔥; GitHub 🔥; Kubernetes
Authentication server software - Single sign-on SSO
Cloud-based data access and sharing software - Platform as a service PaaS
Cloud-based management software - Amazon Web Services AWS CloudFormation 🔥; Google Cloud software
Configuration management software - Chef 🔥; IBM Terraform ; Puppet
Content workflow software - Atlassian JIRA 🔥
Data base management system software - Elasticsearch 🔥; MongoDB 🔥; NoSQL 🔥
Data base reporting software - Microsoft SQL Server Reporting Services SSRS 🔥; Reporting software
Data base user interface and query software - Amazon Web Services AWS software ; IBM DB2 🔥; Microsoft Access 🔥; Microsoft SQL Server 🔥; ServiceNow 🔥; Structured query language SQL 🔥
Development environment software - C 🔥; Go 🔥; Microsoft Azure software ; Microsoft PowerShell ; Ruby 🔥; Software libraries; Web application software
Electronic mail software - Microsoft Outlook 🔥
Enterprise application integration software - Enterprise application integration EAI software; Jenkins CI 🔥; Microsoft SQL Server Integration Services SSIS 🔥
Enterprise resource planning ERP software - Management information systems MIS
Enterprise system management software - Splunk Enterprise ; Tanium software
Expert system software - Ansible software
File versioning software - Git 🔥
Geographic information system - Geographic information system GIS systems
Graphics or photo imaging software - Microsoft Visio 🔥
Internet directory services software - Active directory software; Microsoft Active Directory ; Network directory services software; Oracle Unified Directory
Network monitoring software - IBM QRadar SIEM; Microsoft Azure Sentinel; Snort; Tcpdump; Wireshark
Network security and virtual private network VPN equipment software - Firewall software
Network security or virtual private network VPN management software - IBM Resource Access Control Facility RACF; Intrusion detection system IDS
Object or component oriented development software - C# 🔥; C++ 🔥; Oracle Java ; Perl ; Python ; R 🔥
Office suite software - Microsoft Office software 🔥
Operating system software - Apple iOS 🔥; Apple macOS 🔥; Bash ; Linux ; Microsoft Windows 🔥; Microsoft Windows Server ; Operating system software; Shell script 🔥; Ubuntu; UNIX ; UNIX Shell 🔥
Presentation software - Microsoft PowerPoint 🔥
Project management software - Atlassian Confluence 🔥; Microsoft SharePoint 🔥; Microsoft Teams 🔥
Risk management data and analysis software - ArcSight Enterprise Threat and Risk Management; McAfee Enterprise Security Manager
Spreadsheet software - Microsoft Excel 🔥
Switch or router software - Border Gateway Protocol BGP 🔥
Transaction security and virus protection software - Microsoft Defender Antivirus; Microsoft Security Esssentials; Tenable Nessus
Transaction server software - IBM Middleware
Web platform development software - JavaScript 🔥; JavaScript Object Notation JSON 🔥; PHP 🔥; React 🔥; RESTful API; Security assertion markup language SAML
Word processing software - Collaborative editing software

Occupational Requirements

Work Activities

Detailed Work Activities

Evaluate utility of software or hardware technologies.
Investigate illegal or suspicious activities.
Coordinate reporting or editing activities.
Manage information technology projects or system activities.
Develop performance metrics or standards related to information technology.
Establish work standards.
Develop software or computer applications.
Install computer software.
Develop operating strategies, plans, or procedures.
Evaluate potential of products, technologies, or resources.
Implement security measures for computer or information systems.
Analyze security of systems, network, or data.
Provide technical guidance to other personnel.
Recommend changes to improve computer or information systems.
Read documents to gather technical information.
Monitor processes for compliance with standards.
Test computer system operations to ensure proper functioning.
Train personnel in technical or scientific procedures.
Supervise information technology personnel.
Troubleshoot issues with computer applications or systems.
Write reports or evaluations.