Issues in Science and Technology Jobs

Security DLP Policy Engineer Posted Sep 14
Request Technology - Robyn Honquest , Chicago, IL
NO 3rd Parties

Security Policy Engineer

Location: Chicago, IL

Looking for more of a technical security policy engineer who works along with Risk Governance the Security Engineers. You will have DLP (Data Loss Protection) How Data Protection adheres to policy.

You will be subject matter expert for Information Security (consulting to technical and non-technical management and the user community), and performs key risk management functions within Information Technology.

Serve as a subject matter expert for Information Security, consulting to technical management (serving on project teams, discussing application and systems architectures, etc), non-technical management (educating the user community on information security) and attorneys (eg litigation-related technical education) as necessary.

Effectively perform risk assessments for IT projects, technologies and third-parties (eg, vendors and service providers). Coordinate with IT teams in delivering recommendations and following up on action items.

Maintain, manage and monitor compliance to ISO 27001, regulatory/legal requirements and client requirements.

Assist in coordination of the Security Awareness program, including development of awareness content, scheduling of awareness activities and measuring progress of the program.

Respond to IT Security questionnaires from current and prospective clients and business partners


3+ years professional experience, 2+ years working in area of risk management, governance, IT security and/or compliance.

Familiarity with Security frameworks and regulations: ISO 27001, NIST, etc.

A strong candidate will have one or more of the following certifications:

Certified Information Systems Security Professional (CISSP) or Certified Information Security Auditor (CISA). CISSP Associate will be considered.

Various vendor-specific certifications relevant to one or more Specific Technologies listed at the end of this description


Knowledge of basic security technology capabilities.

Strong knowledge of anti-malware technologies.

Strong knowledge of security administration and role based security controls.

Strong knowledge of authentication technologies and their interaction with different platforms, both on-site and remote.

Knowledge of both client and server Firewalling technologies and their configuration and administration.

Knowledge of security systems log correlation and analysis.

Knowledge of data encryption technologies.

Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities.

Knowledge of web filtering and email SPAM prevention techniques.

Knowledge of vulnerability assessment and forensic tools.

Current Security Technologies

Windows Authentication and Active Directory integration

Trend and Microsoft Forefront Anti-Malware

Symantec/PGP Full-disk Encryption

WinMagic (Full-Disk Encryption)

RSA Authentication Manager and RADIUS

Logrythm Security Incident and Event Management

ScanSafe Web Filtering

Cisco ASA Firewall

Rapid 7/Metasploit Pro

SANS Securing the Human

Proofpoint SPAM filtering


Employment Type: Permanent
Work Hours: Full Time
Other Pay Info: 100-115K + 10% Bonus

Click here to apply - Please mention that you saw the job on Issues in Science and Technology