Information Security Engineer

Full Time
Cary, NC
Areas of Interest: Incident Response, Vulnerability Assessment and Management
report a problem

Happy employees. Great work. No coincidence. 
Learn about opportunities to join the team, share your talents and make a difference!
SAS believes in the whole employee experience. Meaningful work. Empowerment to make a difference that changes people’s lives. Dynamic work environments that foster innovation. And an award-winning culture that makes it all possible. We believe great ideas can come from anywhere. Whether you're a university recruit, or an experienced professional ready for the next big challenge, SAS brings perks, passion, and the potential to grow. No limits.

As an Information Security Engineer within Global Information Security, you will be responsible for helping protect SAS by developing and executing innovative security controls, defenses and countermeasures designed to help prevent internal and external attacks. Candidates should possess a diverse set of skills including automating security tasks, security architecture, security operations tool development, risk assessment, incident response, log analysis, consulting and providing guidance about best practices.

Primary Responsibilities:

  • Researches attempted or successful efforts to compromise systems security, determines causes of security violations, and designs countermeasures.
  • Routinely conducts security risk assessments on networks and systems and makes recommendations to management to improve security and avoid negative impact on the business caused by theft, destruction, alteration, or denial of access to information and systems.
  • Maintains network security devices such as IDS/IPS, proxy servers, NGFWs, etc.
  • Develops and maintains existing security operations tools.
  • Responds to security incidents as part of the Incident Response Team.
  • Evaluates new products as they are being considered and provides recommendations for usage.
  • Researches latest security best practices, staying abreast of new threats and vulnerabilities and helps disseminate this information to appropriate groups within the organization.
  • Coordinates and executes security projects for the organization.


  • 3+ years of demonstrable information security experience.
  • Bachelor's degree in computer science or related quantitative field.
  • If not already certified as a CISSP, be capable of qualifying for and passing related certification exam.
  • Ability to analyze and classify security events for remediation.
  • Experience with log management/SIEM technologies and configuration.
  • Experience automating tasks via various scripting languages (Python, PERL, PHP, and/or Shell).


  • Experience with securing cloud servers such as AWS, Azure, etc.
  • Ability to communicate clearly, to both technical and non-technical audiences, risks, threats, and vulnerabilities identified during assessments.
  • Ability to review and advise on policies, procedures, technical documentation and contract reviews.
  • Ability to prioritize work and meet deadlines.
  • UNIX and Windows system administration.
  • Demonstrated understanding of TCP/IP networking.
  • Knowledge of information security practices and procedures.
  • Knowledge of risk management standards and procedures.
  • Ability to utilize both manual and automated attack methods.

Additional Information
To qualify, applicants must be legally authorized to work in the United States, and should not require, now or in the future, sponsorship for employment visa status. SAS is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status or any other characteristic protected by law. The level of this position will be determined based on the applicant's education, skills and experience. Resumes may be considered in the order they are received. SAS employees performing certain job functions may require access to technology or software subject to export or import regulations. To comply with these regulations, SAS may obtain nationality or citizenship information from applicants for employment. SAS collects this information solely for trade law compliance purposes and does not use it to discriminate unfairly in the hiring process.

Share this job:


SAS is the leader in business analytics software and services, and the largest independent vendor in the business intelligence market. Through innovative solutions, SAS helps customers at more than 70,000 sites improve performance and deliver value by making better decisions faster. Since 1976 SAS has been giving customers around the world THE POWER TO KNOW®.

SAS, BI, Data Mining, OLAP, DW, Analytics, Business Analytics, Predictive Analytics, Statistics, Customer Intelligence, Enterprise Risk Management
Visit SAS's Social Media pages:
Company Industry: Computer Software
Company Type: Privately Held
Company Size: 10,001+