Overview
On Site
$115,000 - $135,000 annually
Full Time
Skills
EPM
Vulnerability Scanning
Vulnerability Assessment
Emerging Technologies
Usability
SOP
Orchestration
Migration
Cloud Computing
Continuous Integration
Continuous Delivery
DevOps
Threat Modeling
Reporting
Training
Communication
Information Security Governance
Regulatory Compliance
Information Systems
Management
Multi-factor Authentication
SIEM
Event Management
Incident Management
Scripting
Python
Windows PowerShell
Malware Analysis
Palo Alto
Microsoft Azure
Network Design
Microsoft Windows
Linux
Database Security
Information Security
Computer Networking
Cloud Security
ISO 9000
Information Security Management System
Process Improvement
Artificial Intelligence
Messaging
Job Details
RESPONSIBILITIES:
Kforce is working with a local law firm in search of a Security Engineer. This is a hybrid role, 3 days a week on-site in Downtown Pittsburgh, PA.
Responsibilities:
* Security Engineer will administer the Firm's security solutions including, CrowdStrike EDR/NGAV, Identity Protection, and NG-SIEM, SEG, PAM/VPAM, EPM, vulnerability scanning, and other security related technology
* Subject-matter-expertise and administer CrowdStrike EDR/NGAV, Identity Protection, and NG-SIEM
* Conduct threat and vulnerability analysis and coordinate attack surface reduction configuration implementation and patching remediation with technical stakeholders
* Demonstrate expertise in information security solutions, operational practices, threats, and emerging technologies
* Deliver reliable and scalable solutions and services, aligned to the Firm's client and shareholder requirements, that reduce risk and balance operational impact and usability
* Lead and improve security event management processes, develop and execute SOP, and conduct incident response preparation, orchestration, investigation, and reporting
* Liaise with our managed security service providers and ensure continuous processes and relationship improvements and maturation
* As a Security Engineer, you will develop methods and controls for migration-to-cloud strategies including CNAPP, CI/CD Pipeline, DevOps guardrails, and Azure CSP controls and monitoring
* Maintain awareness of current and emerging threats, vulnerabilities, and vectors of attack and participate in threat modeling, analysis, and reporting
* Develop end user awareness training and reinforce security concepts through engagement, communication, and simulation
* Participate in security governance, develop policies, processes and procedures, measures, and metrics and ensure compliance with the Firm's security requirements
REQUIREMENTS:
* Strong Information Systems and Technology background with at least five (5) years of experience in Information Security
* Experience managing information security platforms such as EDR, PAM, MFA, SIEM, and NGFW
* Experience in security event management and security incident response processes, tools, and procedures
* Experience with scripting and query languages such as python, PowerShell, CQL, and XQL
* Expertise in malware detection technologies and remediation
* Expertise in the following technologies providers (or comparable): CrowdStrike, Palo Alto, Tenable, and Azure
* Expertise with network design, operation, security, and monitoring, Windows and Linux desktop/server and database security
* Knowledge and experience with varying information security processes and tools
* Proficient knowledge of IP networking and public cloud security principles
* Understanding of ISO/IEC 27001:2022 ISMS principles
* Ability to identify security technology risks
* Ability to communicate clearly and effectively with people from both technical and non-technical backgrounds
* Ability to visualize, plan and execute any areas of process improvement that increase the efficiency and delivery of our security capabilities
The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking ?Apply Today? you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
Kforce is working with a local law firm in search of a Security Engineer. This is a hybrid role, 3 days a week on-site in Downtown Pittsburgh, PA.
Responsibilities:
* Security Engineer will administer the Firm's security solutions including, CrowdStrike EDR/NGAV, Identity Protection, and NG-SIEM, SEG, PAM/VPAM, EPM, vulnerability scanning, and other security related technology
* Subject-matter-expertise and administer CrowdStrike EDR/NGAV, Identity Protection, and NG-SIEM
* Conduct threat and vulnerability analysis and coordinate attack surface reduction configuration implementation and patching remediation with technical stakeholders
* Demonstrate expertise in information security solutions, operational practices, threats, and emerging technologies
* Deliver reliable and scalable solutions and services, aligned to the Firm's client and shareholder requirements, that reduce risk and balance operational impact and usability
* Lead and improve security event management processes, develop and execute SOP, and conduct incident response preparation, orchestration, investigation, and reporting
* Liaise with our managed security service providers and ensure continuous processes and relationship improvements and maturation
* As a Security Engineer, you will develop methods and controls for migration-to-cloud strategies including CNAPP, CI/CD Pipeline, DevOps guardrails, and Azure CSP controls and monitoring
* Maintain awareness of current and emerging threats, vulnerabilities, and vectors of attack and participate in threat modeling, analysis, and reporting
* Develop end user awareness training and reinforce security concepts through engagement, communication, and simulation
* Participate in security governance, develop policies, processes and procedures, measures, and metrics and ensure compliance with the Firm's security requirements
REQUIREMENTS:
* Strong Information Systems and Technology background with at least five (5) years of experience in Information Security
* Experience managing information security platforms such as EDR, PAM, MFA, SIEM, and NGFW
* Experience in security event management and security incident response processes, tools, and procedures
* Experience with scripting and query languages such as python, PowerShell, CQL, and XQL
* Expertise in malware detection technologies and remediation
* Expertise in the following technologies providers (or comparable): CrowdStrike, Palo Alto, Tenable, and Azure
* Expertise with network design, operation, security, and monitoring, Windows and Linux desktop/server and database security
* Knowledge and experience with varying information security processes and tools
* Proficient knowledge of IP networking and public cloud security principles
* Understanding of ISO/IEC 27001:2022 ISMS principles
* Ability to identify security technology risks
* Ability to communicate clearly and effectively with people from both technical and non-technical backgrounds
* Ability to visualize, plan and execute any areas of process improvement that increase the efficiency and delivery of our security capabilities
The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking ?Apply Today? you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.