Security Operations Engineer

Local Richmond candidates preferred due to this requirement.

ON-SITE interview: *Candidates MUST agree to ONSITE interviews, NO exceptions. Might do a phone screen filter if the applicant count is high.
Client is seeking an experienced Senior Security Operations Engineer with in-depth knowledge and hands on experience in the areas of security policy, intrusion detection/prevention systems, perimeter security Technology, and Information security.

Job Overview:

Client is seeking an experienced Senior Security Operations Engineer with in-depth knowledge and hands on experience in the areas of Information Systems security, security policy, intrusion detection/prevention systems, firewalls, anti-virus software, anti-malware, anti-phishing, authentication systems, log analysis and management, web content filtering; network protocols and security/authentication protocols at all layers of the OSI model with emphasis on TCP/IP, web security gateways, network access control, endpoint security, and perimeter security technologies. The Senior Security Operations Engineer contributes to the overall technology roadmap.

Key Responsibilities:

• Participates in the design, implementation and support of security infrastructure for the Department.
• Identifies network and information security risks across the enterprise, design, engineer, implement security solutions to address the risks at an enterprise level.
• Works closely with the IT Division and outside vendors to effectively design, plan, deploy, secure and update network projects in the environment.
• Effective collaboration with the Office of Information Security OIS and other ITD groups is maintained.
• Strategic Plan items pertinent to the Network Security Operations group are completed.
• System policies and procedures are created, documented, and maintained.
• Perform network scans and penetration testing. Monitors log analysis and management tools for threats.
• Evaluate vulnerability scan results and notify business, application, and infrastructure teams of vulnerabilities in need of remediation.
• Evaluate and participate in agency Azure cloud solution review of network, security, and general project involvement.
• Ensure all daily functions that are required to maintain security applicable systems and applications are documented.
• Work with the agency s ISO team and the IT Auditors to review security audit findings and vulnerability scans results. Identify recommended correction activities and course of action, once determined communicate with the various stakeholders.
• Device configurations are based on best practices.
• Relevant documentation is kept up to date.
• Coordinating the handling and resolution of incidents related to security.

Skill Matrix: