Security Engineers?

Cyberscum

I am kinda looking for the right opportunity to come and I noticed a security engineer job that came up.

It seems like the job would be a nice mix of tech and policy work as right now I'm about 80% policy and 20% tech. I would like for it to be 50/50.

Does anyone have any insight into a security engineer position?

It requires ISSEP within one year which should not be an issue, but this is the first title I will be applying for that is a security engineer so I'm a little u sure what that actually is?

devilbones

Cyberscum wrote: »

See that's where it gets confusing and titles get blended.

I am a security systems manager, not an engineer and I manage pen testing (vulnerability management), software devs and accreditation, config management, switches, servers etc...

But I do it in a nontechnical way. This is where the confusion is...

So from what I can gather, a security engineer is just another title to pretty much do anything in security lol. Like all other IT titles.

I guess that I misread your initial question. I am a security engineer. I work for the Cyber department for an ISSO. I am embedded with the application programmers and the infrastructer engineers. Our job is to ensure that security is 'baked in' to their engineering process. So if the programmers release some code, we test it and make recomendations on securing it. We have one vulnerability analyst that tries to break everything and then we develop solutions on patching thoses holes. As far as infrastructure, we run ACAS and other tools to ensure STIG compliance. My job is like 50/50 tech and policy, but most of the writing and reports are done by the ISSO and ISSM.