Information Security Engineer

So, what’s the role all about? 

The Information Security Engineer's role involves helping with the implementation and management of security measures outlined by the Information Security (InfoSec) team. They make sure that the company meets regulatory and compliance standards by carrying out security initiatives. Their responsibilities include maintaining and monitoring systems regularly, ensuring that platform environments follow company policies and comply with regulations. They essentially keep everything in check to protect the company's data and systems from potential threats.

How will you make an impact?  

• Install, configure, and administer security tools such as endpoint protection, SIEM, XDR, WAF, vulnerability scanner, and DLP, liaise as needed with teams such as network operations, systems engineering, DevOps and others.
• Troubleshoot and resolve technical issues with security tools and processes.
• Employ the above tools to identify exposures and to aid in remediation actions.
• Manage and oversee testing and assessment activities such as penetration testing service providers.
• Manage security incidents, conduct analysis, and respond according to company policies.
• Conduct regular vulnerability scans, coordinate remediation, and liaise with resolving teams.
• Coordinate with third-party vendors and assist with internal and external audits for regulatory compliance.
• Provide formal notification to the Security Officer regarding planned changes affecting security posture or certifications.

Note: Remember, this job description isn't exhaustive. Employees may be asked to handle other reasonable business duties assigned by their supervisor or management. The organization also has the flexibility to adjust job duties as needed. Keep in mind that this role might entail overtime, and working during non-traditional hours like nights, early mornings, and weekends. Additionally, being on-call may be required.

 Have you got what it takes?  

• BS/BA or AAS in related field or equivalent experience
• Understanding of basic information security principles
• Minimum 2 years in IT and data networks, plus 2 years in information security
• Strong writing skills and proven problem-solving ability
• Proficiency in organization, project management, and advanced computer applications, with excellent analytical skills

 You will have an advantage if you also have: 

• Proficient with Microsoft Applications
• COMPTIA Security+, CISA, CISSP, SSCP CCSK certification
• Knowledge of PCI, SSAE 16/SOC , FedRAMP,IRAP and HIPAA compliance regulations.

This job description is not intended to be all-inclusive, and employees will also perform other reasonable related business duties as assigned by immediate supervisor and other management as required.

This organization reserves the right to revise or change job duties as the need arises. This job description does not constitute a written or implied contract of employment.​

Requisition ID: 5329
Reporting into: 
Role Type: Individual Contributor

What’s in it for you?

Join an ever-growing, market disrupting, global company where the teams – comprised of the best of the best – work in a fast-paced, collaborative, and creative environment! As the market leader, every day at NICE is a chance to learn and grow, and there are endless internal career opportunities across multiple roles, disciplines, domains, and locations. If you are passionate, innovative, and excited to constantly raise the bar, you may just be our next NICEr!

Enjoy NICE-FLEX!

At NICE, we work according to the NICE-FLEX hybrid model, which enables maximum flexibility: 2 days working from the office and 3 days of remote work, each week. Naturally, office days focus on face-to-face meetings, where teamwork and collaborative thinking generate innovation, new ideas, and a vibrant, interactive atmosphere.