Staff Security Engineer

Job Description

Staff Security Engineer

Location: Englewood, CO – in office

# Positions: 1

Visa Status: Any, as long as they can convert to full-time after 90 days

Length: 90-day CTH

Salary: 145K

Interview Process/Timeframe:

• Spark Hire
• Interview with hiring manager
• Assessments
• Panel Interview
• References

Responsibilities:

Security Engineer is tasked with addressing information security concerns across the enterprise. Under the direction of the Director of IT Security (who reports directly to the CIO), the IT Security team carries out duties of protecting the company information assets.

Primary responsibilities fall into the following categories: 

• Manage security-centric infrastructure components such as IPS, IDS, DLP, AV and various scanning tools.
• Identify, track and help remediate vulnerabilities and other security concerns.
• Review and provide system security requirements/guidance on new initiatives, applications, systems and services.
• Participate in incident response activities.

Qualifications:

KNOWLEDGE, SKILLS & ABILITIES

Primary Desired Skills and Experience:

• Intrusion detection/prevention (Palo Alto, TippingPoint, McAfee, Checkpoint, etc.)
• Database security (Imperva, etc.)
• Data encryption solutions (Thales / Vormetric, etc.)
• Network proxies (Zscaler, McAfee Web Gateway, etc.)
• Data loss prevention (DLP) (Symantec, McAfee, Zscaler, etc.)
• Network and/or desktop encryption (PGP, Gemalto / SafeNet, Thales / Vormetric, etc.)
• SSL decryption (Zscaler, F5, etc.)
• Application security (F5, Okta ASA, Beyond Trust, etc.)
• Cloud access security brokers (CASB) (Palo Alto, McAfee Skyhigh, Zscaler, etc.)

Additional Desired Skills and Experience:

• Log collection and aggregation (Logz.io, ArcSight, McAfee / Nitro, Splunk, IBM/QRadar, etc.)
• Public key infrastructure (PKI)
• Network Firewalls (Check Point, Fortinet, Palo Alto, Cisco, Juniper, McAfee, TippingPoint, etc.)
• Knowledge of security technologies such as SIEM, Firewall/NGFW, EDR / DLP, UEBA and hybrid/Cloud Security environments
• Experience with automation (Ansible, Chef, Puppet, python)
• Superior communication skills with the ability to ask questions, escalate roadblocks early, and interact effectively at multiple levels in the organization.
• Excellent verbal and writing skills and the ability to communicate effectively with all levels.
• Experience migrating applications from the enterprise to public cloud providers (e.g. Amazon, Google, or Microsoft)
• Good understanding of private and public cloud design considerations and limitations in the areas of virtualization and global infrastructure, distributed systems, load balancing and networking, and security.
• Working knowledge and experience with project and portfolio management tools, preferably Service Now, Microsoft Project, and/or Jira

EDUCATION & WORK EXPERIENCE REQUIRED

• 8+ years of relevant professional system security engineering or administration experience, with significant exposure to a variety of technologies and domains
• 5+ years of advanced working knowledge of Windows and Linux operating systems
• Experience automating server configurations to include standard build installations and system security hardening.
• Experience writing standard operating procedures, system requirements, and other technical documents.
• Experience centrally monitoring systems for alerts and incident management functions; preferable with Amazon CloudWatch
• Scripting language experience (Python, NodeJs, etc.), Strong working knowledge of automation tools such as (Puppet, Jenkins, and Chef).
• Bachelors degree required (technical bachelor degree is preferred).
• Preferred security certifications:
  • CISSP
  • GIAC
• Preferred vendor certifications:
  • Palo Alto
  • Zscaler
  • McAfee
  • F5
  • Checkpoint