Systems Engineer, Mobility & Security

Annese & Associates

Rochester, NY

Industry: Professional, Scientific & Technical Services

5 - 7 years

Posted 154 days ago

Company Description

Annese, a ConvergeOne Company, is a Northeast technology solutions integrator with an above average Net Promoter Score and impressive partner portfolio featuring Cisco, NetApp, AWS, and HPE. Annese & Associates, Inc. was acquired by ConvergeOne in 2017 due to an impressive 47 years of expertise, relationships, and innovation in the IT space. Guided by our services methodology, Annese continually ranks on the Inc. 5000, SP500, and Tech Elite 250 lists, and is recognized as a four-time Best Company to Work for. Our company was built on making connections. Today, these connections extend beyond devices, networks, and borders; we connect people to people, and bring ideas to action.

Job Description

The Systems Engineer, Mobility & Security is an individual contributor with broad-based knowledge in multiple domains of information security who translates the security architecture designs they receive into infrastructure or service-based solutions predicated on lowering our customers' exposure to unnecessary risk and elevating the level of protection for electronic and physical assets.

This role can be focused on a single client and a single project or can span across multiple clients or projects as assigned over time. This role may be both tactical and strategic in focus and in large part, executes designs and plans working in concert with a Solutions Architect, Security or a Senior Solutions Architect, Security.

Essential Responsibilities/Accountabilities:

  • Lead select security implementation projects with expertise in web, application, cloud and network security
  • Assist customers in forming responses and action plans to external and internal audits and external security assessments.
  • Participate in and sometimes lead security risk assessments and penetration tests, and help diagnose and isolate internet, intranet and extranet intrusion attempts.
  • Work closely with customer defined DevOps and Engineering staffs to proactively identify and fix or patch security flaws and vulnerabilities.
  • Recommend and assist in the application of security “templates”, that is, hardened build instructions for both network and servers
  • Recommend and assist in the coordination of disaster recovery procedures in the event of a security breach.
  • Research emerging technologies in support of security enhancement and development efforts.
  • Implement new technologies (to the customer) based off their future state architecture designed to improve security posture and lessen exposure to various threat conditions
  • Perform security based upgrades, new installations, enhancements and configuration changes to compute and network components
  • Based on project statement of work, monitor daily operations and troubleshoot security problems remotely or on-site
  • Implement security tools and systems (Intrusion Detection System, Intrusion Prevention System, Virtual Private Network, Web Application Firewall, Data Loss Prevention, Endpoint Protection, Enterprise Detection and Response, honeypots, SIEM, Vulnerability Scanners, Web Proxies, Forensic toolkits, Multi-Factor Authentication, key management) in customer heterogeneous computing environments that may span on-premises, colocation, private and public cloud computing environments
  • Perform security reviews of server/network/web application design within a virtualized environment and ensure compliance with organizational security policies, compliance objectives or security best practices.
  • Test physical and logical access control methods for efficacy and understanding across the customer’s environment
  • Prescribe customer tooling, and educate customers on it, to detect, investigate and recover from security incidents, as well as assist with incident response planning
  • Responsible for raising company-wide security awareness and monitoring information security related web and social sites to stay up to date on current attacks and trends.
  • Analyze potential impact of new threats and exploits and communicate risks to relevant business units/IT staff
  • Participate and provide technical input in meetings with account team including colleagues, managers and account managers regarding account status, ongoing issues and solutions.
  • Complete projects at client sites thoroughly and on-time.
  • Resolve service delivery and client issues as needed.
  • Submit detailed records in a timely manner (time sheets, tickets, reports, etc).
  • Identify and escalate business and technical challenges as appropriate.
  • Keep accurate, timely and thorough client site documentation.
  • Attend and participate in regularly scheduled team meetings.
  • Available for on-call and emergency response as needed.
  • Identify and recommend improvement opportunities that are consistent with client needs.
  • Professional appearance as outlined in the Annese handbook.
  • Off-hour work and overnight travel may be required.
  • Maintain a high level of professionalism with customers, vendors and staff.
  • Perform all responsibilities in alignment with the core values of Annese & Associates, Inc.
  • Follow Annese standardized processes and procedures for technology implementation.

Qualifications

  • Complete understanding of all 7 Layers of the OSI Model: Physical, Data, Network, Transport, Session, Presentation, Application
  • Languages: experience in two or more of the following: HTML, VBScript, VB.NET, Linux Shell Script, PowerShell, Javascript, SQL, C#, C, Python, Perl, Ruby, Java
  • Troubleshooting Skills: Packet tracing and Process Debug, ability to solve system interdisciplinary performance problems or availability events
  • Technologies & Protocols: Majority of the following: TCP, HTTP, SSL, FTP, VPN, LDAP, DNS, DHCP, SMB, NFS, iSCSI, FCOE, FCP, SMTP, knowledge of cloud based architectures: in particular AWS; IAAS, PAAS, SAAS, Sec-As-A-Service, plus some of the following commercial and open source tools: Nessus, NMAP, Qualys, OpenVas, OSSEC, OpenSnort, John the Ripper, Metasploit, Wireshark.
  • Security Information & Event Management: Prior experience with systems design relating to event correlation and analysis from a variety of sources – Network and Host Based IDS/IPS, Web Application Firewalls, Email Security Gateways, Syslogs
  • Big Data Exposure: Basic conceptual knowledge of technologies: Hadoop, Kafka, Storm, Spark plus exposure to large scale event correlation tools like Splunk or Oracle Analytics beneficial
  • Solid Prior or Current Hands-on Skills are needed in the following technologies:
  • Operating Systems (Combined Server and Desktop):
      ◦ Windows NT to 2012 R2
      ◦ Windows XP to Windows 7 minimum; Windows 8 & 10 Beneficial
      ◦ Linux (RHEL preferable, but other distros: CentOS, Fedora, Ubuntu, Debian can all substitute) up to 7.2 (November ’15 release), must be able to execute a wide array of Linux System and Network Commands from a Command Line, not a GUI.
      ◦ MAC OS (7.0 to 10.6.8)
  • Mobile OS for Future MDM Support
      ◦ iOS (7.1.2 to 9.3.x) & Android (Ice Cream Sandwich to Marshmallow)
      ◦ Windows Mobile not required
  • Any Cisco Security Certification valued; CISSP or CEH a big plus, MCSE beneficial
  • 5 Years’ Experience managing Cyber Security technology
  • 7 Years of Overall Experience with a combination of Security, Infrastructure and Applications management
  • Experience with App Tier Server Platforms including JBOSS, WebLogic or WebSphere & Web Tier Software including: MS IIS & Apache Tomcat
  • Must understand content and policy for Cisco ISE and MSE
  • Must have MDM tool experience: AirWatch, Mobile Iron, Symantec, or Meraki (just one)
  • Experience with Cisco ASA Firewall preferred. Helpful to have experience with Juniper, Palo Alto or CheckPoint; FirePower; AMP for networks and endpoints.
  • F5 BigIP and F5 WAF experience desired
  • Endpoint protection: Sophos, Trend, Symantec, McAfee mandatory; EDR products like Carbon Black or Cylance beneficial
  • Working knowledge of PCI, HIPAA, SOX 404, GLBA
  • Must understand threats: Trojans, Worms, Viruses, Phishing, Flash, WordPress, DDOS, Ransomware
  • Must understand the cyber-kill chain: reconnaissance, weaponization, delivery, exploitation, installation, command and control.
  • High-level knowledge of key steps and processes of digital forensics/incident response
  • Cursory familiarity with NIST 800 Series and ISO 17799