Lead Cyber Security Engineer
Posted on Jan 23, 2020 by Request Technology - Craig Johnson
*Position is bonus eligible*
Prestigious Enterprise Company is currently seeking a Lead Cyber Security Engineer. Candidate will drive the efforts to safeguard the confidentiality, integrity and availability of the enterprise infrastructure and information assets. Candidate will be identifying, implementing, maintaining, and configuring of key enterprise security tools and initiatives while taking some direct responsibility for driving the results. Included are key security tool such as Web Application Firewalls, WIPS, DLP, File Integrity monitor, Firewall Rule Auditor, Forensics Tools, Vulnerability Scanning Tools, and Key Encryption as well as other security devices and operations. Candidate will be be responsible for management of all Security tools, executing the Security Incident Response process for any alerts or events found within their tools set or from additional sources as well as identifying and scoring risk related to the Enterprise.
Proactively implements (new, upgrade, maintenance), monitor and support enterprise Security Tools.
Acts as the subject matter expert for key security tools, technologies and processes owned by the security team
Performs change control and device configuration management activities on all security technologies
Provides management level reporting of all critical intrusion or vulnerability detection tools.
Invokes the security incident response process including security response team activities as well as providing and implementing tactical risk mitigation to incidents
Actively protects the availability, confidentiality, and integrity of customer, employee, and business information
Participates in the Risk Assessment Program including identifying and scoring risk.
Provides vulnerability and threat management monitoring and mitigation response
Participates in tactical and operational planning of vulnerability assessment activities
Contributes to Enterprise security team effectiveness by accomplishing additional security related results as needed
Assists in the review, development, testing and implementation of security plans, products and control techniques
Act in a supporting role in the execution of EIS projects and initiatives
Participates in operations and tactical planning
College degree in related technical/business areas or equivalent work experience required
10 years relevant work experience preferred
Working knowledge of relevant technology, operations and key business processes.
Member of SANS or other leading security organizations preferred
Proven change management skills
At least one (1) of the following Industry certificates CEH, CISSP, or OCSP required
Influencing and negotiation skills
General knowledge and understanding of UNIX/Linux operating systems. Familiarity with common UNIX and Windows utilities, diagnostic and monitoring tools.
Scripting experience with Perl, Shell and/or Java is a plus
Strong verbal and written communication skills
Good organizational and interpersonal skills
Strong critical thinking and problem solving skills
Proven change agent who consistently delivers results
In depth knowledge of network protocols, LAN, WAN, SSL, Firewall, Load Balancer, and DMZ configurations.
Knowledgeable of the PCI (Payment Card Industry) data security standard and other regulatory concerns (SOX, FCRA, FISMA, etc.)
Information Risk Management: Content filtering technologies, application Firewalls, vulnerability scanners, LDAP, SAML, forensics software, security incident response
O/S: Linux (Red Hat, SUSE), Windows Desktop (XP, Win7, Win10) and Server (2000, 2003, 2008, 2012), UNIX (HP/UX, AIX, etc...)
Network: Firewall and Switching technologies (Cisco ASA, Juniper SRX, Checkpoint, etc.) OSI Model, VPN, IDS/IPS, Proxy/Reverse Proxy, WAF, Two Factor Authentication, RADIUS, Netflow, Anti-SPAM, Vulnerability Scanning/Reporting (Qualys, Rapid7, Nessus, NMAP, etc )
Software Languages: Perl, PowerShell, Python, SQL.
End Point: Anti Malware, HIPS, Client based Firewall, Whitelisting/Blacklisting technologies, GPO, WMI, BASH.
Set up alerts to get notified of new vacancies.