Information Security Engineers

web administrators.webp
$104,920 Median Wage (2023)
34,800 Projected job openings (2023-2033)
10.8% Projected growth (2023-2033)

Develop and oversee the implementation of information security procedures and policies. Build, maintain and upgrade security technology, such as firewalls, for the safe use of computer networks and the transmission and retrieval of information. Design and implement appropriate security controls to identify vulnerabilities and protect digital files and electronic infrastructures. Monitor and respond to computer security breaches, viruses, and intrusions, and perform forensic investigation. May oversee the assessment of information security systems.

Experience Requirements Overview

  • Job Zone Four: Considerable Preparation Needed
  • A considerable amount of work-related skill, knowledge, or experience is needed for these occupations. For example, an accountant must complete four years of college and work for several years in accounting to be considered qualified.
  • Most of these occupations require a four-year bachelor's degree, but some do not.
  • Employees in these occupations usually need several years of work-related experience, on-the-job training, and/or vocational training.

Detailed Work Activities

  • Evaluate utility of software or hardware technologies.
  • Investigate illegal or suspicious activities.
  • Coordinate reporting or editing activities.
  • Manage information technology projects or system activities.
  • Develop performance metrics or standards related to information technology.

Tasks

  • Assess the quality of security controls, using performance indicators.
  • Conduct investigations of information security breaches to identify vulnerabilities and evaluate the damage.
  • Coordinate documentation of computer security or emergency measure policies, procedures, or tests.
  • Coordinate monitoring of networks or systems for security breaches or intrusions.
  • Coordinate vulnerability assessments or analysis of information security systems.
  • Develop information security standards and best practices.
  • Develop or implement software tools to assist in the detection, prevention, and analysis of security threats.
  • Develop or install software, such as firewalls and data encryption programs, to protect sensitive information.
  • Develop response and recovery strategies for security breaches.
  • Identify or implement solutions to information security problems.
  • Identify security system weaknesses, using penetration tests.
  • Oversee development of plans to safeguard computer files against accidental or unauthorized modification, destruction, or disclosure or to meet emergency data processing needs.
  • Oversee performance of risk assessment or execution of system tests to ensure the functioning of data processing activities or security measures.
  • Provide technical support to computer users for installation and use of security products.
  • Recommend information security enhancements to management.
  • Review security assessments for computing environments or check for compliance with cybersecurity standards and regulations.
  • Scan networks, using vulnerability assessment tools to identify vulnerabilities.
  • Train staff on, and oversee the use of, information security standards, policies, and best practices.
  • Troubleshoot security and network problems.
  • Write reports regarding investigations of information security breaches or network evaluations.

Data Source: This page includes information from the O*NET 28.0 Database by the U.S. Department of Labor, Employment and Training Administration (USDOL/ETA). Used under the CC BY 4.0 license. O*NET® is a trademark of USDOL/ETA. This page includes Employment Projections program, Occupational Employment and Wage Statistics program, U.S. Bureau of Labor Statistics.