Senior IT Security Engineer
Responsibilities:
? Evaluate, design, implement, operate, and maintain information security technologies, including:
o Firewalls, Intrusion Prevention Systems, Email Security Gateways, Web Security Gateways, Web
Application Firewalls, Vulnerability Management Tools, Security Incident and Event Management
Systems, Anti-Malware Solutions, Remote Access VPNs, and Encryption technologies;
? Provide 24x7 on-call support for IT security infrastructure on a rotational basis;
? Evaluate, design, and implement technical and procedural controls to assure the client’s compliance with
relevant laws, regulations, policies, and standards;
? Analyze and respond to real-time and archived intrusion, vulnerability, and audit data;
? Perform risk assessments on IT products and services and make appropriate recommendations;
? Develop and implement security test plans, compensating controls, policies, and procedures;
? Maintain awareness of up-to-date threat and vulnerability profiles, including related countermeasures;
? Protect the client's information assets by proactively identifying and mitigating risk;
? Execute IT security projects and tasks with minimal oversight;
? Perform other related duties as assigned.
Requirements: (A=Required, B=Preferred, C=Nice-to-have)
A 5+ years of experience in information security engineer role / 7+ years of experience in IT;
A Experience executing IT projects with minimal oversight;
A Information security certification (CISSP, CISA, GSEC, etc.);
A B.S. in Computer Science (or related field) or 10 years of experience
A Experience applying information security standards and frameworks from NIST, CIS, ISACA, etc.;
A Extensive experience administering and securing Windows workstations and servers (certification preferred);
A Extensive experience troubleshooting network, software, and hardware issues;
A Expert-level knowledge of a wide range of core security technologies, including most if not all of:
? Firewalls (Check Point experience and certification preferred),
? Intrusion Prevention/Detection Systems (IPS/IDS),
? Email Security Gateways (anti-spam systems),
? Web Security Gateways (ex. Websense, Blue Coat, etc.),
? Network Vulnerability Testing Tools (ex. Nessus, Retina, NeXpose, etc.),
? Security Incident and Event Management (SIEM) Systems (ex. LogRhythm, ArcSight, etc.)
? Antivirus Software (ex. SEP),
? Malware Removal Tools (ex. Malwarebytes),
? Remote Access VPNs, and
? Encryption solutions;
A Familiarity with a wide range of standard concepts and protocols along including their security implications,
? Examples: TCP/IP, DNS, DHCP, NTP, HTTP, FTP, SSH, TLS/SSL, IPsec, RADIUS, Kerberos, LDAP, SNMP, SQL,
B Experience with information security compliance audits (ex. PCI, SOX, HIPAA, NERC, FISMA, etc.);
B Familiarity with and experience securing UNIX/Linux servers;
B Familiarity with and experience securing network infrastructure;
C Familiarity with and experience securing SQL Server and Oracle databases;
C Familiarity with and experience securing web-based applications;
C Experience deploying and configuring application security technologies, including:
? Web Application Firewalls (ex. Imperva, Barracuda WAF, etc.),
? Application Vulnerability Testing Tools (ex. AppScan, Burp Suite, etc.), and
? Application Whitelisting solutions (ex. Bit9, AppLocker, etc.);
C Experience drafting reports for and presenting to executive-level audiences;
C Experience developing security awareness training materials
C Scripting experience (Bash, Python, etc.)
C Penetration testing experience
OSPF, BGP, VLAN, 802.1x, 802.11, VPN, NAT, and PKI;Loc ; West Palm Beach, FL
https://docs.google.com/viewer?a=v&pid=forums&srcid=MTYwNjg2ODc4MDc1MjA0NDY4MzkBMTMyNDE3NTQ1OTExMDE2NTA5NDkBaHByYVRIdC12VlFKATAuMQEBdjI
Key Skills: