Responsibilities
• Must be familiar with security industry standards and best practices, and must be able to effectively work with development and engineering counterparts.
• This position will define network security standards and security response guidance and will resolve or investigate issues through closure.
• The Senior Security Engineer will assist the area Manager of Security with ensuring that the security tools to which they are assigned are effectively built, deployed, maintained and operated to fulfill the goals of the Company security policy.
• Perform configuration updates, such as modifying configurations, signature definitions or implementing new policies.
• Perform daily OS and application-level administration for assigned security elements, and support regularly scheduled maintenance and change requests.
• Provide advanced application level support for the resolution of security system faults, including system patches and software upgrades.
• Respond to security incidents and report on incident handling and resolution.
• Develop and maintain security system fault management support procedures for assigned systems.
• Develop and maintain security incident management procedures for assigned systems.
• Investigate opportunities to update security system capabilities or perform policy updates based upon system performance reports and observed incidents or threats.
• Be able to leverage other network management tools for the identification and response to security incidents and faults.
• Ensure timely proactive identification and reporting of security gaps and vulnerabilities to the network infrastructure.
• Assist with the preparation of quarterly, monthly, and weekly reports, and trend analysis, based upon network security incidents, faults and performance data.
• Assist with exception security audits to verify completeness of security required configurations and verify system hardening.
• Participate in the post-mortem investigation of catastrophic network security incidents and prepare security incident reports documenting the findings.
• Other duties as assigned
Education/Experience
• Bachelor’s degree in Computer Science, MIS, Network Security Engineering, or related field.
• Minimum 4 years of experience with Security Systems and Network Engineering / Security System Administration in an ISP, large-scale network environment, or Large Enterprise, or equivalent.
• Must have deep understanding of system and network requirements gathering and security hardening and testing.
• Must be able to communicate complex security concepts to technical engineering and development groups.
• Should be able to conduct system and network security assessments and reviews.
• Should have scripting proficiency and be comfortable with developing complex system administration and maintenance scripts on an as needed basis, using standard scripting languages and tools.
• Proven analytical and problem solving ability.
• Excellent oral/written communication and interpersonal skills.
Background
• At least 6 years of experience administering Unix or Linux based applications (or) at least four years of experience administering Unix or Linux systems in secure environments
• At least 2 years’ experience with TCP/IP and UDP/IP networking.
• Experience with the following: SSL, HTTPS, PGP, DES, SSH, SCP, Kerberos, IPSEC, PKI
• Excellent understanding of the Internet protocol suite, e.g. RADIUS, BOOTP, ARP, IP, ICMP, BGP, OSPF, TCP, UDP, LDAP, DNS, DHCP, SNMP, SMTP, SIP, GRE, NetFlow/cflowd and POP3
• Skilled with PHP, Perl, CGI or shell scripting
• Expert level experience with firewall IOS/OS installation, configuration and backup and restoration
• Expert policy creation and rule design and updates, firewall administration experience preferred
• Policy creation for hosts.deny, hosts.allow, iptables, IPFilter and other settings used to protect host-based system network interfaces
• Should be comfortable with developing security review guidelines for network and application pre-deployment approval of security changes or changes to publicly addressed network devices and hosts
• Should be able to perform packet decodes and packet captures using standard tools; should be comfortable running network security scans and conducting network and host audits
• Technical working knowledge and proficiency with network signature-based IDS, network anomaly detection and behavioral analyzers
• Should be able to create and implement new system signatures for signature-based tools; should also be able to report and make recommendations for signature changes based upon network conditions.
• Knowledge of incident response procedures.
• Should be able to conduct exception audits to confirm current security posture
• Good understanding of DOCSIS or DAVIC network principles, a strong plus.
• Experience with Concord eHealth, Netcool Omnibus, Spectrum Infinity or other network management software a plus.
Required/Preferred Certifications
(at least one certification in any of these areas)
• CISSP or CISA
• CCSA, CCSE, CCSP
• Preferred - GIAC
• Preferred - Checkpoint, Juniper, or Enterasys Certified Training