Information Systems Security Engineer


An Information Systems Security Engineer (ISSE) is a professional role responsible for protecting an organization’s computer systems and networks from threats, ensuring system availability, integrity, authentication, confidentiality, and non-repudiation.

An ISSE applies principles, methods, and knowledge of complex technologies, system design, and procedures to ensure the safety of information systems and networks. They often operate at the intersection of information security, information systems, and information engineering, meaning they need to understand both the technical and management aspects of security.

The duties of an ISSE may include:

  1. Implementing and maintaining security systems: This may involve installing software like firewalls and data encryption programs, testing systems for vulnerabilities, and monitoring networks for breaches or irregularities.
  2. Security strategy: An ISSE is typically responsible for designing and implementing a security strategy that protects an organization’s information assets from threats while also ensuring compliance with regulations and standards.
  3. Risk assessment and management: This involves identifying potential threats and vulnerabilities, assessing their potential impact, and implementing strategies to manage them.
  4. Compliance and audit: Ensuring the organization’s security posture aligns with industry standards and regulatory requirements, and that this can be demonstrated during audits.
  5. Incident response: Responding to security breaches and incidents, minimizing their impact, and conducting post-incident analysis to learn from the event and prevent future incidents.

The ISSE role requires a deep understanding of information security principles, technologies (such as firewalls and intrusion detection systems), and standards (such as ISO 27001 and the NIST frameworks). An ISSE should also have strong problem-solving skills and the ability to stay current with the evolving cybersecurity landscape.

It’s also common for an ISSE to have relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA).
