The Lead Infrastructure and Cloud Security Operations Engineer is a key member of the Infrastructure & Operations team, and has several areas of focus:
- Drive security incident response and readiness efforts as part of a 24x7 Security Operations Center within the Infrastructure and Operations team, and act as a technical lead to other SOC team members.
- Provide security architectural review, guidance and oversight for Infrastructure and Operations teams’ processes, deployments, changes, etc.
- Apply a risk-based approach to prioritize security- and compliance-related efforts within the Infrastructure and Operations teams; follow-up with team members on deliverables, communicate status and liaise with global security teams and management.
Duties and Responsibilities include the following. Other duties may be assigned.
- Ensure security and compliance of the systems, processes and solutions with internal standards, industry compliance standards and best practices. Assist operations engineers by providing prioritization and follow-up on security-related tasks.
- Analyze and report accurately and regularly on gaps, risks, failures, efficiencies, improvements, coverage, licensing, etc.
- Operate security-related tools (HIDS, NIDS, IPS, Analyzers, Scanners, etc.) to identify active threats, attacks, vulnerabilities, exposures, etc., and prioritize for activity within the team. Assist in speedy identification of mitigation/remediation solutions.
- Develop/deploy/administer/support/remediate security tools and processes to meet business requirements. Leverage concepts such as automation, templating, multiple inheritance, error-handling, and code re-use to ensure efficient and simple operation.
- Troubleshoot and remediate errors/failures related to security events, applications, network, storage, and so forth. Perform root cause analysis for major events.
- Provide support and expertise to other systems and network engineers and administrators, and act as a backup or “secondary” for other areas of responsibility (for example, firewall administration)
- Interact with technical and non-technical staff from various business units to assess needs, communicate options, and design and implement suitable solutions.
- Create and maintain documentation relating to the job function and the environment: architecture, integrations, code, and application settings. Complete knowledge transfer within the team. Mentor other team members.
- Participate in regular on-call duty and perform after hours work as needed to support business needs, especially participating in a 24x7 Security Operations Center with warm hand-offs.
- Follow team processes; contribute to refinement of processes.
- Other duties as assigned
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
Education and/or Experience
- Required education/experience
- Ten years’ proven experience delivering complex technical solutions including planning, development, implementation and support
- Subject matter expert in systems and network security tools and processes.
- Subject matter expert in systems and network administration.
- At least two years of security engineering experience.
- Strong working knowledge of general OS, application, database, storage and networking concepts, systems administration practices, etc.
- Strong scripting skills in at least one major scripting language (e.g., bash, python)
- Experience conducting vulnerability detection efforts
- Experience managing active security incident response efforts.
- Strong experience with virtualization technologies, especially VMware ESXi
- Nice to have:
- Certified Ethical Hacker
- Experience conducting penetration testing
- Experience performing forensic attack analysis
- Knowledge of Storage Area Networking and network attached storage, and related replication technologies.