Sr Security Engineer

Contract to Hire Opportunity

The Senior Engineer, Information Security Operations role is responsible for assisting with day-to-day tasks that include cloud security, vulnerability assessments, and incident response. Responsibilities include threat modeling, identifying process gaps, and working closely with internal and external teams to perform security assessments for cloud environments. Communication skills are a must for this position. Coordinate operational and support aspects related to all information security related matters across the enterprise, including resource management and problem/situation management coordination.
Minimum Requirements

• Bachelor s degree in related field or equivalent experience
• 10 or more years of work experience in IT
• 3 or more years of experience with utilizing a vulnerability scanner such as Nessus, Nexpose, Qualys, etc.
• 2 or more years of experience managing an EDR in an Enterprise environment
• 2 or more years of cloud-based infrastructure experience
• 2 or more years of experience working with and managing a SASE / CASB solution
• Relevant industry experience with a technical background
• Must have a deep understanding of Windows and Linux operating systems
• Must be willing to participate in an on-call rotational schedule
• Continually follow the threat landscape to stay on top of the latest vulnerabilities
• Ability to work effectively with technical and non-technical personnel in a cross-functional setting
• Strong balance of business acumen and technology knowledge
• Good verbal/written communication skills
• Self-starter/motivated
• Strong attention to detail
• Strong team player who can work across multiple functions and lead peers
• Establishes and communicates clear priorities and sense of direction
• A good listener and collaborator who partners closely with others
• Expresses ideas in a clear, fluent, and concise manner to both technical, and non-technical audiences
• Exceptional written, verbal and presentation communication skills

Responsibilities

• Directs and participates in information security projects and supports team efforts for day-to-day operations
• Provide continual assessments of cloud environments, and make recommendations where needed
• Assist with the management and monitoring of the SASE / CASB solution
• Assists in the investigation of security-related events due to malware and/or phishing attacks
• Assist with computer forensic and eDiscovery requests as needed
• Assists with follow-up on alerts received from user-reported email, SIEM solution, and/or IPS
• Assists with managing and monitoring the EDR solution and respond to threats in the environment
• Will be part of the on-call rotation to provide support on nights and weekends if needed
• Serves as a member of the team and as a mentor to other information security team members as needed
• Assesses the current information security program and makes recommendations regarding improvements

Preferred Qualifications

• Certified Information Systems Security Professional (CISSP)
• Experience with vulnerability scanners
• Experience in Computer Forensics and eDiscovery
• Coding experience to include any scripting/coding language. Examples include PowerShell, .NET, C/C++, etc.

Specialized Skills & Technologies

• SASE / CASB Vulnerability Management
• Cloud infrastructure environments
• Incident Response
• Computer Forensics
• Malware Analysis
• Ability to code in .NET or PowerShell