• home icon
  • Job Description
  • Examples
  • data systems administration
  • information security engineer

Information Security Engineer Job Description

Information Security Engineers, also called Information Security Analysts, help to safeguard organization’s computer networks and systems. They plan and carry out security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks. Information Security Engineers usually work as part of a larger IT team and report directly to upper management.

As sensitive data is more frequently stored on computer systems, and hacking and cyber-attacks grow more frequent, companies and governments are increasingly relying on Information Security Engineers. The Bureau of Labor Statistics expects an 18 percent increase in jobs for Information Security Engineers through 2024, a rate much faster than the average job growth in all other sectors.


Information Security Engineer Duties and Responsibilities

To accomplish their primary goal of protecting computer systems and networks, Information Security Engineers perform many tasks. We analyzed several job listings to identify these core Information Security Engineers duties and responsibilities.

Develop Information Security Plans and Policies

Information Security Engineers help plan and carry out an organization’s information security strategy. They develop a set of security standards and best practices for the organization, and recommend security enhancements to management as needed. They develop strategies to respond to and recover from a security breach. Information Security Engineers are also responsible for educating the workforce on information security through training and building awareness.

Implement Protections

Information Security Engineers install and use software, such as firewalls and data encryption programs, to protect organizations’ sensitive information. They also assist computer users with installation or processing of new security products and procedures.

Test for Vulnerabilities

An Information Security Engineer conducts periodic scans of networks to find any vulnerability. They also conduct penetration testing, in which they simulate an attack on the system to highlight or find any weaknesses that might be exploited by a malicious party.

Monitor for Security Breaches

Information Security Engineers must constantly monitor their organization’s networks and systems for security breaches or intrusions. They install software that helps to notify them of intrusions, and watch out for irregular system behavior.

Investigate Security Breaches

If a breach has occurred, the Information Security Engineer leads incident response activities to minimize the impact. Afterwards, they lead a technical and forensic investigation into how the breach happened and the extent of the damage. They prepare reports of their findings to be reported to management.


Information Security Engineer Skills

A strong multi-tasker with a keen eye for detail, a successful Information Security Engineer can think one step ahead of criminals. They are well organized and thrive in fast-paced, high-stress scenarios. In addition to these general skills and personality traits, employers are seeking Information Security Engineer candidates with the following skills.

Core skills: Based on job listings we looked at, employers want Information Security Engineer with these core skills. If you want to work as an Information Security Engineer focus on the following.

  • Direct experience with anti-virus software, intrusion detection, firewalls and content filtering
  • Knowledge of risk assessment tools, technologies and methods
  • Experience designing secure networks, systems and application architectures
  • Knowledge of disaster recovery, computer forensic tools, technologies and methods
  • Experience planning, researching and developing security policies, standards and procedures
  • Professional experience in a system administration role supporting multiple platforms and applications
  • Ability to communicate network security issues to peers and management
  • Ability to read and use the results of mobile code, malicious code, and anti-virus software

Advanced skills: While most employers did not require the following skills, multiple job listings included them as preferred. Add these to your Information Security Engineer toolbox and broaden your career options.

  • Strong understanding of endpoint security solutions to include File Integrity Monitoring and Data Loss Prevention
  • CCRI Certification
  • Ability to obtain a Security Clearance


Information Security Engineer Resources

We searched the Web to find the best industry resources to help you continue exploring a career as an Information Security Engineer. From thought leaders to industry groups, this list is packed with opportunities to learn, connect and engage.

On the Web

Wired’s Threat Level – This blog from a well-known publication covers privacy, crime, and online security online.

Info Security – Read the latest security news impacting consumers and professionals in the field of cyber security.

INFOSEC Institute – Online skills-based training and resources to keep you at the cutting edge of information security.

On LinkedIn

Information Security Community – Connect and network with a huge community of almost 300,000 members who work in Information Security.

Information Security Careers Network (ISCN) – Find jobs as an Information Security Engineer or other related jobs.

Industry Groups

Information Systems Security Association – This international organization of information security professionals and practitioners provides educational forums, publications, and opportunities to interact with peers.

SANS Institute – A research and education organization with lots of helpful links and insights.

Information Security Engineer Books

Elementary Information security – Read this primer for a foundational understanding of the basics of information security.

Management of Information Security – An overview covering all aspects of information security from a management perspective.

CISSP (ISC)2 Certified Information Systems Security Professional Official Study Guide – Prepare for the Certified Information Security Systems Professional Exam with this thorough study guide


Information Security Engineer Resume Help

Explore these related job titles from our database of hundreds of thousands of expert-approved resume samples:

Your Cover Letter, Made Easy.

You are looking for your dream job and need a cover letter? My Perfect Cover Letter is your solution and takes the hassle out of cover letter writing. Create the perfect job-worthy cover letter effortlessly in just a few clicks!