1

Information Security Engineer Jobs in Rochester, NY

Senior Security Engineer

Rochester, NY · Remote

$113K - $154K/yr

You will work closely with cross-functional teams including IT, Network Engineering, Legal, HR, Compliance, and external parters to design, implement, document, and evolve security controls, policies ...

Senior Security Engineer

Rochester, NY · On-site

$113K - $154K/yr

Category Information Technology Full-Time/Part-Time Full-Time Location(s) Rochester Office ... The Senior Security Engineer is responsible for owning and advancing the organization's overall ...

Senior Security Engineer

Rochester, NY · Remote

$110K - $151K/yr

You will work closely with cross-functional teams including IT, Network Engineering, Legal, HR, Compliance, and external parters to design, implement, document, and evolve security controls, policies ...

Security Systems Engineer

Rochester, NY · On-site

$80K - $149K/yr

Specialist, Information Security Systems Engineer Job Code: 39983 Job Location: Rochester, NY Job Schedule: 9/80: Employees work 9 out of every 14 days - totaling 80 hours worked - and have every ...

next page

Showing results 1-20

Information Security Engineer information

See Rochester, NY salary details

$67.1K

$125.1K

$188.9K

How much do information security engineer jobs pay per year?

As of Jul 15, 2026, the average yearly pay for information security engineer in Rochester, NY is $125,143.00, according to ZipRecruiter salary data. Most workers in this role earn between $103,600.00 and $143,100.00 per year, depending on experience, location, and employer.

What are the key skills and qualifications needed to thrive as an Information Security Engineer, and why are they important?

To thrive as an Information Security Engineer, you need a solid understanding of network security, risk assessment, cryptography, and incident response, usually backed by a degree in computer science or a related field. Familiarity with security tools such as SIEM platforms, firewalls, intrusion detection systems, and certifications like CISSP or CEH are typically required. Strong problem-solving abilities, attention to detail, and effective communication skills help you collaborate with teams and manage threats proactively. These skills and qualifications are vital to protecting organizational assets, ensuring compliance, and minimizing security risks in an ever-evolving threat landscape.

What are Information Security Engineers?

Information Security Engineers are professionals responsible for protecting an organization’s computer systems, networks, and data from security threats and cyberattacks. They design, implement, and maintain security protocols, monitor systems for vulnerabilities, and respond to security incidents. Their work often involves conducting risk assessments, developing security policies, and ensuring compliance with industry standards and regulations. Information Security Engineers play a critical role in maintaining the confidentiality, integrity, and availability of information assets.

What are some common challenges Information Security Engineers face when collaborating with other departments?

Information Security Engineers often work closely with teams like IT, software development, and compliance. A common challenge is balancing security protocols with business needs, as other departments may prioritize speed or user experience over stringent security measures. Effective communication and the ability to explain technical risks in business terms are crucial for gaining buy-in and implementing robust security solutions. Additionally, keeping up with evolving threats while ensuring that all teams follow security best practices can be demanding but is key to organizational safety.

What Does an Information Security Engineer Do?

An information security engineer works closely with information security specialists to analyze an organization’s computer and network system and identify and fix any potential issues related to fraud, cyber attacks, leaked data, or other security breaches. Your security engineering duties include performing routine maintenance and upgrades on security systems and programs, fixing issues brought to you by information security specialists, and researching solutions to improve current systems. You carry out your responsibilities in the information technology department of an organization, but you may also report to other departments to update management on the organization’s security status.

What engineers make $500,000?

Senior-level information security engineers with extensive experience, advanced certifications (such as CISSP or CISM), and expertise in areas like threat management or security architecture can earn salaries approaching or exceeding $500,000 annually, especially in high-demand industries or senior leadership roles. Compensation often includes bonuses, stock options, or other incentives. Such roles typically require strong technical skills, leadership ability, and a track record of managing complex security programs.

Can you make $500,000 a year in cyber security?

Information Security Engineers with extensive experience, advanced certifications, and specialized skills in areas like penetration testing or security architecture can potentially earn salaries approaching or exceeding $500,000 annually, especially in high-cost-of-living regions or senior leadership roles. However, such compensation levels are uncommon and typically require many years of expertise, leadership responsibilities, or executive positions within large organizations. Most cybersecurity professionals earn significantly less, with salaries varying based on location, experience, and industry.

What is the difference between Information Security Engineer vs Network Security Engineer?

AspectInformation Security EngineerNetwork Security Engineer
CertificationsCompTIA Security+, CISSP, CEHCCNA Security, CISSP, CompTIA Security+
Work EnvironmentDesigns security systems, analyzes threats, implements security protocolsConfigures and manages network security devices, monitors network traffic
Employer & Industry UsageTech companies, finance, government agenciesTelecom, enterprise IT, cybersecurity firms

While both roles focus on protecting digital assets, the Information Security Engineer develops comprehensive security strategies and policies, whereas the Network Security Engineer primarily manages network defenses and infrastructure. Understanding these distinctions helps organizations assign the right security responsibilities and professionals.

Can I make $200,000 a year in cyber security?

Information Security Engineers with extensive experience, advanced certifications, and specialized skills such as penetration testing or security architecture can potentially earn $200,000 or more annually. Salaries vary based on location, industry, and company size, with senior roles and those in high-demand areas typically commanding higher compensation.

What does an information security engineer do?

An information security engineer designs, implements, and manages security measures to protect an organization’s computer systems and networks from cyber threats. They analyze vulnerabilities, develop security protocols, and use tools like firewalls and intrusion detection systems to safeguard data. Certification such as CISSP or CEH and knowledge of security frameworks are often important in this role.
What are popular job titles related to Information Security Engineer jobs in Rochester, NY? For Information Security Engineer jobs in Rochester, NY, the most frequently searched job titles are:
What job categories do people searching Information Security Engineer jobs in Rochester, NY look for? The top searched job categories for Information Security Engineer jobs in Rochester, NY are:
Infographic showing various Information Security Engineer job openings in Rochester, NY as of July 2026, with employment types broken down into 100% Full Time. Highlights an 100% In-person job distribution, with an average salary of $125,143 per year, or $60.2 per hour.
Senior Information Security Analyst

Senior Information Security Analyst

CooperVision

Victor, NY • On-site

Full-time

Posted 10 days ago


CooperVision rating

7.2

Company rating: 7.2 out of 10

Based on 12 frontline employees who took The Breakroom Quiz


Job description

Job Summary:
CooperVision is a leading global manufacturer of contact lenses dedicated to improving vision. The Senior Information Security Analyst provides advanced security expertise across the enterprise, partnering with various teams to define and maintain security architecture, streamline remediation of vulnerabilities, and improve Security Controls effectiveness.
Responsibilities:
• Provide leadership and direction for the integration of security culture and design within business and IT strategy; work with the Engineering teams to ensure that security considerations are included in systems architecture and help to identify, evaluate, and select security solutions to meet information security/compliance needs.
• Mentor and coach junior team members to develop well-rounded information security skill sets; promote a strong security culture and awareness across the organization.
• Work with compliance teams to ensure solutions meet security policies and procedures.
• Support compliance with relevant regulations and frameworks (e.g., SOX, HIPAA, PCI, GDPR, GLBA) and privacy laws; prepare for and participate in audits and examinations.
• Administer and tune security tools (e.g., SIEM, NAC, firewalls, IDS/IPS, secure email gateway) to ensure effective monitoring and detection while enabling business operations.
• Partner with Security Engineers to ensure security-by-design in systems architecture and delivery of secure solutions; participate in change/project management to validate secure designs and implementations.
• Define and maintain enterprise security documents (policies, standards, baselines, guidelines, and procedures) and provide detailed hardening guidance to technical teams.
• Prioritize vulnerability assessment output based on exploitability, impact, and likelihood; coordinate remediation across infrastructure, endpoints, applications, and cloud services.
• Support compliance with relevant regulations and frameworks (e.g., SOX, HIPAA, PCI, GDPR, GLBA) and privacy laws; prepare for and participate in audits and examinations.
• Design, scope, and lead deep technical assessments on internal and external systems.
• Define incident response playbooks for IT and Information Security personnel to follow when responding to common issues (e.g., malware infection, phishing, etc.)
• Act as a Subject Matter Expert within all Information Security disciplines.
• Coordinate and help implement significant security projects
• Contribute to Business Continuity and Disaster Recovery planning and exercises in coordination with IT and continuity team
• Influence and communicate business risk and recommended mitigations to technical and non-technical audiences; document clearly for management and stakeholders.
• Handle sensitive/confidential information, investigations, and incidents in a professional and confidential manner.
• Perform other duties as assigned.
Qualifications:
Required:
• Expert knowledge of security frameworks and concepts such as NIST 800-53, ISO 27001, CIS Critical Controls, the Cyber Kill Chain, MITRE ATT&CK, and OWASP.
• Have in-depth knowledge and understanding of information risk concepts and principles as a means of relating business needs to security controls.
• Deep understanding of enterprise infrastructure and security technologies including network switches/routers, firewalls/VPN, DLP, anti-malware, IDS/IPS, SIEM, SMTP/email security, Active Directory/Group Policy, DNS, DHCP, VLANs, and content filtering.
• Experience with traditional and modern security controls such as SIEM, IDS/IPS, PKI, IAM, antivirus/firewalls, EDR, threat intelligence, security automation/orchestration, deception, and application controls.
• Ability to conduct vulnerability scanning and penetration testing; incident response and digital forensics.
• Experience developing policies, procedures, standards, and guidelines.
• Strong analytical, strategic, and tactical thinking; ability to communicate business risk effectively and drive nuanced solutions without impeding innovation.
• Understanding of common cloud platforms and how to secure them; experience with AWS and/or Azure is a plus.
• Ability to interact with Cooper personnel and build strong relationships at all levels, and across all business units and organizations, and to understand business imperatives.
• Strong leadership abilities, with the capability to develop and guide information security team members and IT operations personnel, and to work with minimal supervision.
• Excellent verbal, written and interpersonal communication skills, including the ability to communicate effectively with the IT organization, project and application development teams, management, and business personnel.
• 5-10 years of professional IT experience; 3-6 years specifically in Information Security, including work with geographically dispersed teams.
• Experience supporting audits and meeting regulatory requirements (SOX, HIPAA, PCI, GDPR, GLBA).
• Bachelor’s degree in computer science, information assurance/cybersecurity, MIS, or equivalent experience.
Preferred:
• Professional certifications such as GIAC (e.g., GSEC/GCIA), CISSP, CISM, Cisco Security or similar are preferred.
Company:
CooperVision is one of the world’s leading manufacturers of soft contact lenses and related products and services. It is a sub-organization of The Cooper Companies. Founded in 1980, the company is headquartered in Fairport, USA, with a team of 5001-10000 employees. The company is currently Late Stage.

What CooperVision employees say

Pay

Benefits

Hours and flexibility

Workplace

Get the full story on Breakroom