Sr. Security Engineer SME
Direct Hire/Fulltime Role
Location: Atlanta, GA
Job Summary: We are seeking an experienced senior information security operations engineer with a background in vulnerability assessment, security log management and incident response. This is a mid-level technical role in a fast-paced, growing security organization.
Essential Duties and Responsibilities:
- Working with security tools and API integration work including writing scripts and development of automation around detection and remediation activities.
- Given the growing nature of the organization, you will work closely with other internal and external groups and may also assist in other security activities as necessary in response to assessments and/or audits.
- Implementing and operating vulnerability management and security log collection and monitoring tools, analyzing data from those tools and providing recommendations for security improvements to existing processes and technology, and participating in and leading incident response efforts.
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed are representative of the knowledge, skill, and/or ability required:
Required Education, Skills or Experience:
- Minimum of 7 years of information security work experience.
- Experience with Web Application Firewalls (Imperva SecureSphere is a huge plus)
- Atalla HSM experience and DB experience.
- Experience with planning, deployment, and operation of large enterprise security management tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, anti-virus, firewalls, identity management, NAC, MDM etc.
- Response to internal and/or external reports, events, and incidents (e.g. scanning, hacking, phishing)
- Effective writing skills; ability to produce clear, concise and high-quality technical and business documents.
- A desire to work collaboratively in a small, cross-functional team.
- A strong sense of accountability and self-motivation.
- An ability to think critically and an aptitude for problem solving.
- At least 7 years of system/network security experience, including threat modeling, threat assessments, risk identification techniques, penetration testing
- Detailed knowledge of network and Web related protocols (e.g., TCP/IP, IPSec, HTTP, SSL, routing protocols)
- Hands-on experience with Nmap, vulnerability scanners, ZAP, Kali, Metasploit, Wireshark, Kismet, Aircrack-ng
- Penetration testing experience
- Application and database security experience, including code reviews
- Network and security engineering experience, including log and network traffic capture analysis
- Bachelor's in computer science (or equivalent) degree
- IT security certifications (SANS GIAC, CISSP, CCNA Security, CCNP Security, RHCSA or RHCE, MCP or MCSE) are a plus