Senior Information Security Engineer

Job Overview

Our client has an excellent remote opportunity for a Senior Information Security Engineer!  

 

Responsibilities

  • Involvement in the implementation of new security solutions.
  • Independently work within the IT Infrastructure groups to see projects through completion.
  • Maintain regulatory compliance by making project recommendations to the Director of Information Security regarding architecture, processes, and procedures to help maintain a regulatory compliant environment that meets current and future business objectives.
  • Liaise, as a highly valued team member, with many business units and the Information Security Team to plan current and future technical designs that will help achieve a secure environment (at the direction of management, additional duties may include providing support at an intermediate level to include an “On Call” rotation).
  • Manage Information Security owned projects as well as provide input and guidance to other IT projects.
  • Conduct penetration tests and communicate results with various stakeholders.
  • Identify and remediate issues that impact the security of the information enterprise.
  • Generate documentation relevant to information security solutions.
  • Actively participate in information security reviews and audits.
  • Interact with the Security Operations Center (SOC) regarding information generated from logs, SIEM, and other sources to effectively respond to emerging threats.
  • Participation in the creation and or maintenance of policies, standards, baselines, guidelines, and procedures.
  • Conduct vulnerability audits and assessments.
  • Investigate security incidents; and ensure proper documentation of security events.

 

Requirements:

  • 5-7 years of experience designing and developing security solutions in a complex and multi-business unit environment.
  • Strong organizational, problem-solving, and communication (both written and verbal) skills.
  • Ability to learn new technologies and concepts quickly and apply that knowledge effectively.
  • Understanding of network concepts and infrastructure (LAN, WAN, routing, switching, and WLAN).
  • Penetration testing tools such as Metasploit.
  • Next generation firewalls.
  • Endpoint security (AV, HIPS, Application Whitelisting, DLP).
  • Forensic analysis.
  • File Integrity Monitoring.
  • Systems hardening.
  • Mobile Device Management.
  • Proxy and Web Content Security.
  • Vulnerability Management.
  • Email Content Security.
  • Two-Factor Authentication.
  • SSL And Site-To-Site VPNs.
  • File Integrity Monitoring.
  • Advanced Malware Analysis (manual and automated toolsets).
  • Public Key Infrastructure.
  • PCI/DSS.
  • Incident Response.
  • Information Security program lifecycle and development (policy, process, procedure).
  • Experience with the AWS Cloud, specifically network configuration, security groups, IAM.
  • Strong scripting and automation skills preferred (i.e. – Python, Regex, JSON, Powershell).
Job Detail
Shortlist Never pay anyone for job application test or interview.