Senior Security Engineer

About the Role

The primary responsibility of the Senior Information Systems Security position is to ensure the confidentiality, availability and integrity of Client's data, computer systems and network devices by recommending, implementing and utilizing security defense systems to reduce the opportunity of cyber attacks.
Responsibilities:

• Research and investigate the potential impact of new threats and exploits. Conducts log analysis and other network forensic investigations.
• Identify, design and execute security projects that improve detection and response capabilities.
• Collect threat intelligence and automate systems to consume threat feeds and track adversaries.
• Develop alerting and detection strategies to investigate any unusual behavior.
• Conduct various network security scans and penetration tests to detect cybersecurity threats and identify weaknesses that may be exploited by malicious parties.
• Solely performs implementation analysis and technical risk assessments on systems to ensure conformity to current security standards and operational support requirements are being met.
• Manages on-time delivery of assigned tasks against existing plans and schedules.
• Design, implement and support Information Security tools and infrastructure systems maintained by the Client Information Security Organization. Examples of such tools are web filtering technology, IDS/IPS appliances, SIEM tools, anti-spam/antivirus systems, data leakage appliances, content screening servers, VPN systems and firewalls.
• Maintains knowledge of applicable rules, regulations, policies, laws and guidelines that impact Client.
• Participates in the creation of effective security controls designed to promote adherence with applicable laws and accreditation agency requirements. Seeks advice and guidance as needed to ensure proper understanding.
• Stays abreast of new developments in the field of technology and security by attending seminars/workshops, reading professional journals, and actively participating in professional organizations. Integrates knowledge gained into current work practices.

Requirements:

• Must have a Bachelor s degree in Management Information Systems.
• Must have six years of experience in an information systems security domain with a background in mobile device security, endpoint protection, wireless protection, vulnerability management, incident response and mitigation, threat research and cyber intelligence analysis or other cyber security domain.
• Must have a current CompTIA Security+ Certification or equivalent industry certification, background and knowledge.
• CISSP.
• Knowledge of NIST, HITRUST, PCI, HIPAA Security Rule and associated common security frameworks.
• Professional experience in a system administration role supporting multiple platforms and applications.
• Must have the ability to perform complex research in order to determine industry standard products and solutions in response to security requirements.
• Must be able to perform technical risk assessments and implement corrective actions regarding the safeguarding of information systems.
• Must be able to independently implement and maintain complex information security tools and provide guidance to other technical staff on proper use of the tools.
• Working knowledge of design, implementation, and maintenance of: Local area networks, Microsoft Active Directory / GPO, Data Loss Prevention, Encryption Technologies, Intrusion Detection Systems, Intrusion Prevention Virtual Private Network, Linux Operating Systems, Windows Operating Systems, Communication Protocols, Multi-factor authentication, Cloud Access Security Broker, Endpoint Detection and Response Technologies, Security Information and Event Management Tools.
• Must have advanced working knowledge of network and vulnerability assessments, malware analysis, threat intelligence and vulnerability management.
• Direct experience with anti-virus software, intrusion detection, firewalls and content filtering, and with hacker techniques and network security principles.