Lead Engineer IS Security
Posted on Jan 11, 2020 by Request Technology
A prestigious company is on the search for a Lead Security Operations Engineer.
This role revolves around identifying, implementing, maintaining, and configuring key enterprise security tools and initiatives. This person will responsible for helping manage all security tools and executing the security incident response process for any alerts or events found within their tools set. The preference is that the candidate came up through infrastructure, network, OS, Platform and then got into security. They will be working with security tools and need to be hands on with Web application Firewalls, WIPS, DLP, file integrity monitor, Firewall rule auditor, forensics tools, and vulnerability scanning tools.
- Proactively implements (new, upgrade, maintenance), monitor and support enterprise Security Tools.
- Acts as the subject matter expert for key security tools, technologies and processes owned by the security team
- Performs change control and device configuration management activities on all security technologies
- Provides management level reporting of all critical intrusion or vulnerability detection tools.
- Invokes the security incident response process including security response team activities as well as providing and implementing tactical risk mitigation to incidents
- Actively protects the availability, confidentiality, and integrity of customer, employee, and business information
- Participates in the Risk Assessment Program including identifying and scoring risk.
- Provides vulnerability and threat management monitoring and mitigation response
- Participates in tactical and operational planning of vulnerability assessment activities
- Contributes to Enterprise security team effectiveness by accomplishing additional security related results as needed
- Assists in the review, development, testing and implementation of security plans, products and control techniques
- College degree in related technical/business areas or equivalent work experience required
- Minimum 10 years relevant work experience preferred
- Prior experience coordinating and leading project preferred
- Solid understanding of technology, operations and key business processes.
- Member of SANS or other leading security organizations preferred
- Proven change management skills; Proven change agent who consistently delivers results
- At least two (2) of the following Industry certificates CEH, CISSP, or OCSP required
- Influencing and negotiation skills
- Solid knowledge of UNIX/Linux operating systems.
- Solid knowledge of the common UNIX and Windows utilities, diagnostic and monitoring tools.
- Scripting experience with Perl, Shell and/or Java
- Solid knowledge of network protocols, LAN, WAN, SSL, Firewall, Load Balancer, and DMZ configurations.
- Knowledge of the PCI (Payment Card Industry) data security standard and other regulatory concerns (SOX, FCRA, FISMA, etc.)
Relevant Technical Skills
- Information Risk Mgmt: Content filtering technologies, application Firewalls, vulnerability scanners, LDAP, SAML, forensics software, security incident response
- O/S: Linux (Red Hat, SUSE), Windows Desktop (XP, Win7, Win10) and Server (2000, 2003,2008,2012), UNIX (HP/UX, AIX, etc.)
- Network: Firewall and Switching technologies (Cisco ASA, Juniper SRX, Checkpoint, etc...) OSI Model, VPN, IDS/IPS, Proxy/Reverse Proxy, WAF, Two Factor Authentication, RADIUS, Netflow, Anti-SPAM, Vulnerability Scanning/Reporting (Qualys, Rapid7, Nessus, NMAP, etc )
- Software Languages: Perl, PowerShell, Python, SQL
- End Point: Anti Malware, HIPS, Client based Firewall, Whitelisting/Blacklisting technologies, GPO, WMI, BASH.