IT Security Engineer
Job Description: Onsite
Must live in the Las Vegas area or be willing to relocate.
The primary responsibility of the IT Security Engineer includes implementation of security configuration, certificate management, implementations of firmware; firewall rules, proxy rules; and patching for all end points (workstation, mobile, network, server, cloudapps). This position reports to the Senior Manager - IT Security and in collaboration with other IT team resources, partners with Cyber Security organization to drive the secure configuration(s) of the enterprise.
Essential Duties & Responsibilities
Maintain an inventory of service accounts used throughout the desktop computing environment, including the associated software/applications for which they are used.
Maintain an inventory of generic and/or shared user accounts used throughout the organization
Managing System Center Configuration Manager (SCCM) including deployment of IT Security end point agents, desktop patch deployment status, etc.
Ensuring that patches are deployed to all supported workstations, servers, network devices and applications.
Ensuring the secure configuration of all supported workstations, servers, network devices and applications
Managing submission of exceptions related to patch and configurations that cannot be applied
Facilitate change control and management for patching, configuration, software implementation, upgrades and certificate implementation for the enterprise
Responsible for running the cyber security tool suite
Ensure tool effectiveness in terms of making sure it is running according to vendor specification, configuration, and deployment requirements
Ensure package development used to roll end point agents and associated configurations out across the desktop computing environment
Maintaining an inventory of all deployed network devices including; firewalls, routers, switches and other network gear.
Maintain an inventory of all Virtual Local Area Networks and Network Internet Protocol (IP) Addresses, address space and IP assignments, including the development and maintenance of the IP Address Management (IPAM) for the enterprise
Orchestrating deployment of secure configurations and firmware packages for all network devices where security posture is affected
Ensuring that security firmware updates are deployed to all supported network devices
Maintains direction and focus through proactive planning and organized approaches to work
Agrees established goals with team leader, and ultimately achieves these goals
Ability to travel internationally is an essential function of this job
Perform job duties in a safe manner.
Attend work as scheduled on a consistent and regular basis.
Performs other related duties as assigned
Candidates should demonstrate technical understanding across several of these disciplines:
Firewall technologies including application firewalls, appliances and physical devices
Internet proxies, reverse proxies and related filtering technologies
Systems management software such as SCCM,
Vulnerability scanning technologies such as Rapid7, Qualys, Nessus
Software vulnerabilities testing and remediation (OWASP/SANS CWE)
Container platforms and orchestration with Docker and Kubernetes
Scripting with Python, Power Shell, Bash/KSH, YAML
Infrastructure technologies from VMWare, Linux, Microsoft, HCI, Docker
Virtualization with VMware, Kubernetes
O365, Exchange, Identity and Collaboration platforms
Network topologies, protocols, and standards
Network configuration and administration with Cisco, Azure, Silver Peak, Aruba, Corning
Network access and traffic control with Checkpoint, Zscalar, SDWan, SDLan
Monitoring with ITRS, Big Panda, App Dynamics, Dynatrace
Proof of authorization to work in the United States
Bachelor's degree required; advanced degree in technology preferred.
5+ years of relevant work experience
Familiar with IT Security concepts, design principles, best practices, standards, and processes
Exceptional analytical, statistical, quantitative, and deduction skills.
Ability to communicate clearly in a multicultural, multinational environment with both technical and non-technical business stakeholders, as well as executive level management.
Ability to represent information in graphical forms including using modeling languages, developing process flows, creating data and topology diagrams, etc.
Knowledge of secure coding best practices and security framework standards: NIST, COBIT, ISO
Experience implementing controls for privacy legislation such as: HIPAA, COPPA, FCRA, GLB or GDPR
Must be able to work varied shifts, including nights, weekends and holidays.
Must be able to:
Physically access all areas of the company and drive areas with or without a reasonable accommodation
Maintain composure under pressure and consistently meet deadlines with internal and external customers and contacts
Ability to interact appropriately and effectively with guests, management, other team members, and outside contacts
Ability for prolonged periods of time to walk, stand, stretch, bend and kneel
Work in a fast-paced and busy environment
Work indoors and be exposed to various environmental factors.