Information Security Engineer

What is an Information Security Engineer?

We are seeking a diligent and experienced Information Security Engineer to join our team. In this role, you will be working within a group of highly motivated Information Technology and Information Security professionals committed to keeping Central Hudson safe. The Information Security Engineer will also be responsible for designing, implementing, and maintaining our information security operations tools to ensure the protection of our organization's critical assets. The ideal candidate will have a strong understanding of modern security principles, excellent analytical skills, and the ability to communicate effectively with internal stakeholders and vendors alike.

What does an Information Security Engineer do?

• Designs, implements, and maintains security architecture and solutions to protect the organization's systems, networks, and data from cyber threats

• Oversees CSOC tools, including the management of SIEM, EDR, SOAR, and other security solutions, and serves as the CSOC tools technical lead for escalation of functional issues

• Continuously improves CSOC tools to optimize analyst efficiency and automate processes where feasible

• Develops, documents, and enforces cybersecurity policies, procedures, and standard operating protocols aligned with organizational and regulatory requirements

• Conducts regular security audits to ensure systems, configurations, and processes meet established security standards and compliance requirements

• Maintains in-depth knowledge of security and networking infrastructure dependencies of the CSOC, including the configuration and status of each

• Implements best practices for CSOC log collection, including configuring log sources and ensuring optimal data flow into the SIEM

• Partners with IT and security teams to identify new log sources and ensure they are integrated into the SIEM

• Performs tool health assessments and tool activity audits to identify both security and operational issues

• Participates in collaborative threat intelligence sharing with government and local agencies to stay ahead of emerging threats

• Stays updated with the latest cybersecurity trends, threats, and technologies, and applies this knowledge to strengthen the organization's security posture

• Maintains a professional presence in the industry and business relationships with key technology-dependent organizations to support the application of technology to relevant business areas

• Supports project planning and execution for security initiatives, including tracking timelines and resource needs to achieve on-time and in-budget implementation of best-in-class solutions

• Participates in on-call rotation as needed to respond to security incidents outside of regular working hours

• Provides support for storm restoration efforts

What does it take to be an Information Security Engineer?

Required:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science or related field of study and relevant work experience in information security engineering or a closely related domain or an associate degree in the aforementioned fields and 3+ years of relevant work experience in information security engineering or a closely related domain. In lieu of a degree, a high school diploma or equivalency degree and 5+ years of relevant work experience in information security engineering or a closely related domain will be considered.

• Experience designing, implementing and managing security tools such as firewalls, SIEM, EDR, SOAR, IDS/IP S, encryption, and other security solutions

• Strong knowledge of common and emerging attack vectors, penetration methods and countermeasures

• Demonstrated ability to effectively manage and respond to security incidents, including identifying, analyzing, and mitigating threats

• Experience configuring and administering Windows Servers and Workstations, Active Directory & Group Policy, Microsoft 365, Microsoft Defender, Microsoft Sentinel, Azure Entra ID, Azure compute and networking resources, and RedHat Enterprise Linux and other Linux server flavors

• Understanding of security architecture principles, including network segmentation, defense-in-depth, and zero trust models

• Understanding of a broad range of security technical concepts

• Experience with scripting for automation and analysis (e.g., Python, Bash, PowerShell)

• Effective communication skills, with the ability to collaborate with diverse teams, and communicate complex concepts clearly and concisely

• Excellent analytical, decision-making skills, multitasking, and organizational skills

• Ability to work with limited direct supervision and professionally respond to constructive feedback

• Ability to be available for on-call and after hour security incidents

• Valid driver’s license

Preferred:

• 7+ years of information security experience in the configuration and support of information security related applications and infrastructure

• Experience in Security and/or Regulatory Frameworks such as NIST, CIS Benchmarks, SOX, NERC CIP, etc.

• Experience in Energy & Utilities or services industry

• Experience with data visualization tools

• Relevant certifications such Systems Security Certified Practitioner (SSCP), CompTIA Cybersecurity Analyst (CySA+), Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH)

Applications will be accepted until July 9, 2026. 

This position has a career path which allows for advancement opportunities within the Information Security Analyst job series. The title and level are commensurate with experience. Pay range: $73,000 - $171,300

Please go to https://www.cenhud.com/employment. Click the “Search Career Opportunities” button. Follow the directions to submit an application and upload your resume for the desired position.

Applications sent via e-mail and US Mail will not be accepted.  No phone calls or agencies, please.  All replies will be held in strict confidence.

All qualified applicants will receive consideration for employment and will not be discriminated against on the basis of race, creed, color, ethnicity, arrest or conviction record, religion, sex, sexual orientation, gender identity or expression, national origin, age, disability, citizenship, genetic information, familial status, marital status, pregnancy-related condition, domestic violence victim status, veteran or military status, or any other characteristic protected by federal, state or local laws. Central Hudson Gas & Electric Corporation takes affirmative action in support of its policy to employ and advance employment in individuals who are protected veterans and individuals with disabilities.

VEVRAA FEDERAL CONTRACTOR