Cloud Security Architect

  • Posted 24 days ago | Updated 24 days ago

Overview

Remote
Depends on Experience
Contract - Independent
Contract - W2
Contract - 12 Month(s)

Skills

Bash
COBIT
Firewalls
Security / Compliance
Threat
Threat Modeling
LAMP Stack
EC2
Python
vulnerability
vulnerability assessment
Threat Intelligence

Job Details

Location: REMOTE

Duration: 6+ month contract-to-hire (CTH)

Status: US Citizens andHolders

Role: Information Security Engineer [OnPrem]

Job Summary: Seasoned Information Security Engineer to enhance OnPrem security capabilities.

Job Description: This role requires a deep understanding of the intelligence cycle, security investigation autonomy, and advanced knowledge in security frameworks and technology solutions. The ideal candidate will have extensive experience in Security Engineering.

Job Responsibilities:

Intelligence and Investigations: Utilize the intelligence cycle effectively; independently conduct detailed security investigations.

Risk Management: Analyze and reframe risks, effectively utilizing a 5x5 risk matrix.

Vulnerability Management: Apply frameworks such as CVSS and EPSS for vulnerability assessment and classification.

Security Architecture: Implement and manage defense-in-depth strategies; respond to incidents efficiently.

Briefing and Reporting: Prepare and deliver concise security briefings on complex concepts to various stakeholders.

SDLC and Security Integration: Demonstrate a thorough understanding of the SDLC and integrate security practices effectively throughout.

System Design and Analysis: Describe and utilize various system design patterns and technology families including LAMP Stack, ETL Pipelines, MDMs, Microservices, and CICD Pipelines.

Threat Modeling and Analysis: Conduct robust threat modeling for various systems.

Technique Understanding: Have a keen understanding of common TTPs used by threat actors and the defenses against them.

Scripting and Automation: Develop scripts in Python to support system integrations and analysis.

Cloud Technology: Build and manage basic components in cloud environments.

Data Analysis: Conduct moderate data analysis using preferred tools to drive decision making.

Security Operations: Understand and develop the technological, administrative, and procedural aspects of security operations.

Training and Mentoring: Mentor and provide guidance to team members across all seniority levels.

Security Standards Development: Lead in the development and implementation of technical security requirements and standards.

Security Reviews: Perform thorough security reviews on products and services, ensuring secure design principles.

MUST HAVES:
  • Proficient in scripting languages such as Python, Bash.
  • Experience with security tools and services within AWS.
  • Familiarity with security and compliance frameworks and standards.
  • Familiarity with intelligence or cyber threat intelligence and how this drives security operations and engineering.
  • Familiarity with SIEM, EDR, Firewalls.

If interested, please provide full candidate details, quantify the following in number of years and projects, and list clients and certifications.

QUALIFICATION

Information Security number of years

Security Engineering number of years

OnPrem Security number of years

Cloud Security number of years

Intelligence and Investigations Yes/No

Risk Management Yes/No

Vulnerability Management Yes/No

Security Architecture Yes/No

Briefing and Reporting Yes/No

SDLC and Security Integration Yes/No

System Design and Analysis Yes/No

Threat Modeling and Analysis Yes/No

Technique Understanding Yes/No

Scripting and Automation Yes/No

Cloud Technology Yes/No

Data Analysis Yes/No

Security Operations Yes/No

Training and Mentoring Yes/No

Security Standards Development Yes/No

Security Reviews Yes/No

Scripting languages [Python, Bash, etc.]

AWS Security tools/services [IAM, GuardDuty, Inspector, Shield, Outposts, etc.]

Security/Compliance frameworks/Standards [CSF, CIS, COBIT, etc.]

Threat Intelligence [EC2, CrowdStrike, Dynatrace, etc.]

Firewalls [SIEM, EDR, etc.]

Information Security Engineer [OnPrem] for {list client(s)}

Other Information Security Engineering roles include {list client(s)}

Certification [list certification(s)]