Job Title: Senior Security Engineer
Tasked with addressing information security concerns across the enterprise. Under the direction of the Director of IT Security (who reports directly to the CIO), the IT Security team carries out duties of protecting the company information assets.
Primary responsibilities fall into the following categories:
- Manage security-centric infrastructure components such as IPS, IDS, DLP, AV and various scanning tools.
- Identify, track and help remediate vulnerabilities and other security concerns.
- Review and provide system security requirements/guidance on new initiatives, applications, systems and services.
- Participate in incident response activities.
Primary Desired Skills and Experience:
- Network Firewalls (Check Point, Fortinet, Palo Alto, Cisco, Juniper, McAfee, TippingPoint, etc.)
- Intrusion detection/prevention (TippingPoint, McAfee, Sourcefire, IBM, etc.)
- Network infrastructure (HPE, Aruba, Cisco, Juniper, etc.)
- Sandboxing and Analytics (FireEye, Damballa, Check Point, Fortinet, Palo Alto, etc.)
- Application security (F5, Imperva, Citrix, Akamai, etc.)
- Network proxies (Blue Coat, Zscaler, McAfee, Websense, etc.)
- Network admission control (NAC) (Aruba ClearPass, ForeScout, Cisco, etc.)
- Firewall management and auditing (FireMon, Tufin, AlgoSec, RedSeal, Skybox, etc.)
- Network packet brokers (Gigamon, IXIA, NetScout, etc.)
- SSL decryption (Blue Coat, F5, Gigamon, IXIA, etc.)
- Cloud access security brokers (CASB) (Symantec / Blue Coat / Elastica, Adallom, Skyhigh, etc.)
EDUCATION & WORK EXPERIENCE REQUIRED:
- Bachelors degree required
- A technical bachelor degree is preferred.
- 8+ years of relevant professional system engineering or administration experience, with significant exposure to a variety of technologies and domains
- 5+ years of advanced working knowledge of Windows and Linux operating systems
- Experience automating server configurations to include standard build installations and system security hardening
- Experience writing standard operating procedures, system requirements, and other technical documents
- Experience centrally monitoring systems for alerts and incident management functions; preferable with Amazon CloudWatch
- Scripting language experience (Python, NodeJs, etc.), Strong working knowledge of automation tools such as (Puppet, Jenkins, and Chef). Working knowledge of RDS database such as PostgresSQL, Oracle, and MySQL
- Should possess one or more of the following certifications – CISSP, SANS GCIH, Vendor Certifications (CISO, Palo Alto, McAfee, IBM etc).