Under general supervision, assists in analyzing, planning, implementing, maintaining, troubleshooting and enhancing large complex systems or networks consisting of a combination that may include mainframes, mini-computers, personal computers, mobile devices, LANS, WANs, servers, data storage and the physical and logical components that integrate these systems together as an enterprise networking backbone.
The 1044 Principal Security Engineer is the highest level in the Engineer series and may be assigned to function as a supervisor, expert or project leader. When assigned as a supervisor, develops, coordinates and executes policies, methods and procedures, and supervises personnel; when assigned as an expert, performs work requiring a very high level of technical knowledge of a specific area or ability to integrate at a high level the knowledge of several areas (this is not considered to be a part of the normal career path for employees in this series; rather it is reserved for those employees with a mastery of specific technologies or a particular expertise): when assigned as a project leader, manages and provides technical leadership of projects involving large-scale, complex and highly analytical tasks. Positions at this level are distinguished from Senior IS Engineers, in that the latter performs more specific and small-scale, though complex, analytical tasks. Work is performed within a broad framework of general policy and requires creativity and resourcefulness to accomplish goals and objectives, and in applying concepts, plans and strategies which may deviate from traditional methods and practices. Serves as a lead technical architect and systems integrator for large complex systems or networks, with a focus on securing vulnerabilities and reducing risk of system and/or asset compromises.
- Architects, designs, implements, maintains and operates information system security controls and countermeasures; supervises and trains operators in the administration of these systems; documents the operation, use, and expected outputs of these systems.
- Analyzes and recommends security controls and procedures in acquisition, development, and change management lifecycle of information systems, and provides oversight to ensure compliance.
- Analyzes and recommends security controls and procedures in business processes related to use of information systems and assets, and provides oversight to ensure compliance.
- Monitors information systems for security incidents and vulnerabilities; develops monitoring and visibility capabilities; reports on incidents, vulnerabilities, and trends to IT or executive management.
- Oversees the response to information system security incidents, including investigation of, countermeasures to, and recovery from computer-based attacks, unauthorized access, and policy breaches; engages, interacts and coordinates with third-party incident responders, including law enforcement.
- Oversees the administration of authentication and access controls, including provisioning, changes, and deprovisioning of user and system accounts, security/access roles, and access permissions to information assets.
- Analyzes trends, news and changes in threat and compliance environment with respect to organizational risk; advises organization management and develops and executes plans for compliance and mitigation of risk; oversees risk and compliance self-assessments, and engages and coordinates third-party risk and compliance assessments.
- Analyzes and oversees the development of information security governance, including organizational policies, procedures, standards, baselines and guidelines with respect to information security and use and operation of information systems.
- Oversees the development and administration of information security training and awareness programs.
Back to Security Engineer