Linux Security Engineer

Job Title:              Linux Security Engineer

Location:              Must be in Columbia, SC Local Only Hybrid role

Duration:             1 year Contract

Interview:           An Internal Video Technical Screening With My Vendor then Video Interview with the Client

Required Skills
• Possess hands-on administrative experience with IT security technologies, including Snort Intrusion Detection System (IDS) sensors.
• Capable of orchestrating deployments of custom RockyLinux/Red Hat 9/10 operating systems.
• Responsible for applying recommended OS patches and kernel upgrades to maintain up-to-date server operating systems.
• Able to automate recurring tasks using scripting languages, preferably Python or Ansible.
• Manage updates for security tools on Linux systems, configure and deploy both open-source and commercial security tools, and troubleshoot Linux servers and applications at an advanced level.
• Develop strategies to enhance operational workflows.
• Demonstrate foundational knowledge of routers, switches, network VLANs, and VPN configurations. Governance, Risk, and Compliance (GRC):
• Serve as the primary technical contact for internal and external audits, providing evidence of system controls and configurations.
• Conduct technical risk assessments on the Linux environment, identify vulnerabilities, and document remediation plans.
• Translate complex compliance requirements into technical standards for the engineering team.
• Perform vulnerability management by running scans (Nessus, OpenVAS) and prioritizing remediation based on technical severity and compliance impact.
• Assess risk and control design/operation, including process documentation, mapping controls to risks, and identifying gaps.
• Support compliance and audit activities by collecting evidence, tracking issues, managing audit requests, and facilitating walkthroughs and testing.
• Maintain the control library and policies, ensuring alignment with frameworks such as ISO 27001, NIST, SOX, and SOC 2, as applicable.
• Prepare reports and dashboards for leadership, manage metrics, and support governance forums.
• Coordinate with control owners, IT/security, business units, and internal audit teams.
• Automate tasks, notifications, attestations, and periodic assessments within the GRC-Archer tool.
• Manage customer expectations and participate in all required review and regulatory discussions related to assigned projects.
• Ability to lift physical appliances and perform rack and stack operations for servers in the datacenter.