Our client is seeking a Security Engineer who will be responsible for designing IT infrastructure. This candidate will maintain current knowledge of attack techniques used by adversaries against any of the components being engineered into new or updated systems. Using their technical knowledge of current attacks to identify flaws and weaknesses in the composition and design of networks, remote access schemes, systems and applications to specify solutions, he/she will verify the solutions that have been implemented, and rapidly adjust designs based on new threat and attack information as acquired.
- Deep knowledge in NetworkSecurity and Operating System SecurityArchitecture
- Wide breadth of knowledge across production security products, tools, and industry trends
- Perform requirements analysis and develop hardware/software solutions to business requirements
- Prepare and maintain security operating procedures and associated documentation.
- Identify inefficiencies and make suggestions for process improvements.
- Works withtechnology teams on placement and configuration of key monitoring and prevention tools.
- Enhances existing design and competence by planning delivery of solutions; answering technical and procedural questions for less experienced team members; teaching improved processes; mentoring team members.
- Determine security requirements by evaluating business strategies and requirements; researching information security standards; conducting system security and vulnerability analyses and risk assessments; studying architecture/platform; identifying integration issues; when needed preparing cost estimates.
- Plans security systems by evaluating network and securitytechnologies; developing requirements for applications, OS, data in motion and data at rest; designs public key infrastructures (PKIs), including use of certification authorities (CAs) and digital signatures as well as hardware and software; adhering to industry standards.
- Writes requirements and implementation guidelines for implementation engineers
- Verifies security systems by developing and implementing test scripts.
- Maintains security posture by monitoring and ensuring compliance to standards, policies, and procedures; conducting incident response analyses; developing and conducting training programs.
- Prepares system securityreports by collecting, analyzing, and summarizing data and trends.
- Updates job knowledge by tracking and understanding emerging security practices and standards; participating in educational opportunities; reading professional publications; maintaining personal networks; participating in professional organizations.
- 10+ years’ experience in Information Technology focusing on Information Security
- Bachelor’s Degree in Computer Science
- CISSP (CISSP:ISSAP is a plus), GIAC, or similar certification
- Solid understanding of TCP/IP and networking concepts
- Solid understanding of Operating system security concepts
- Extensive experience in deploying and manage networksecurity productions platforms (Firewalls, Proxy, IDS/IPS, Load balancers, etc)
- Understanding of malware, emerging threats, attacks, and vulnerability management
- Strong deductive reasoning, critical thinking, problem solving, and prioritization skills
- Experience assisting the development and maintenance of tools, procedure, and documentation