IT Security Engineer
St, Louis, MO 63105
ABOUT THE POSITION
This position serves as a technical lead for the information security program by contributing to the administration and development of an enterprise wide security risk program, policies and procedures. As an IT Security Engineer, you will lead the implementation of new and existing security technologies, and participate in security incident and event management. This role will also provide input into new security strategies and trends as well as measure and report on the processes that affect the confidentiality, integrity, and availability of the overall organization security posture.
Your core responsibilities will be to:
- Own responsibility for security software and tools implementation, as well as provide support services in coordination with internal infrastructure team and outsourced security operations team.
- Design, configure, implement and maintain all security platforms and their associated software, such as routers, firewalls, intrusion detection/intrusion prevention, anti-virus, URL Filtering.
- Manage a variety of technical security auditing capabilities, including a holistic auditing approach of applications, databases, servers, networking devices, and software.
- Remediate OS and network security weaknesses and vulnerabilities as identified during vulnerability and other security assessments.
- Ensure systems are operated, maintained, and disposed of in accordance with internal security policies and practices outlined in the System Security Plan
- Provide ongoing security oversight of assigned systems as to the security impact of proposed modifications, additions, and technology refresh initiatives.
- Perform investigations in partnership with Legal, IT, HR and others groups as required for policy violations, employee misconduct, criminal activity, workplace threats.
- Develop system level documentation for security infrastructure including data flow diagrams, system architecture maps and update System Security Plans and POA&M documents.
- Apply conceptual knowledge and best practices, follow established security standards in development and implementation of cyber security systems, procedures.
- Create security metrics and reports including assessment-based findings, outcomes and propositions for further system security enhancement.
- Participate in the planning, installation, configuring, monitoring, and deployment of server and Network equipment and associated applications.
- Perform maintenance of security infrastructure to include updates and patching of software and hardware.
- Provide L3 operational support to security operations and resolve complex production issues. Participate in problem and change management board meetings.
- Ensure business and technical requirements are aligned with security policies and are implemented within regulatory and corporate compliance.
To succeed in this position, you must:
- Be a U.S. Citizen or a Permanent Resident.
- Have a Bachelor’s Degree in Information Security, Computer Science or related discipline.
- Have a working knowledge of IT security frameworks and standards such as ITIL, ISO27001/2, and NIST 800-171, 800-53.
- Have 7+ years’ experience working in a multi-site environment with responsibilities in multiple domains such as O/S platform hardening, vulnerability management, endpoint security, security, web application and browser security, penetration testing, cryptography, network protocols and secure network design.
- Possess hands-on knowledge of security systems and tools such as Palo Alto Firewalls, Infoblox DNS, IPAM appliances, McAfee Endpoint Disk Encryption, Bradford Network Sentry, etc.
- Possess knowledge of Private Cloud based secure deployments (Azure, AWS) as well as SaaS based application security (Office 365, Skype, Cisco Spark).
- Have experience in LAN and WAN technologies, network design, network management etc.
- Have experience with Privilege Access Management systems, Multi-factor Authentication and SSO technologies such as CyberArk, Centrify, RSA SecurID.
- Have experience with Security Incident and Event Management systems such as LogRythm, ArcSight, RSA Netwitness.
- Possess knowledge of IDS, IPS, Endpoint Security, DLP, and various scanning tools.
- Be familiar with Tenable Security Center and Nessus.
In addition to meeting the basic requirements, the most successful candidates will also have:
• A Certified Information Systems Security Professional (CISSP) Certification.