Application and Network Security Engineer
Posted on Jun 27, 2020 by Request Technology - Craig Johnson
*We are unable to sponsor for this permanent Full time role*
*Position is bonus eligible*
Prestigious Enterprise Company is currently seeking an Application and Network Security Engineer. Candidate is responsible for securing enterprise information at the Company by determining security requirements; planning, implementing, and testing security systems; preparing security standards, policies, and procedures; and mentoring team members. Additionally, this position is responsible for identifying potential threats to the IT infrastructure and recommending enterprise security enhancements. The Application Security Engineer will work on project teams as a technical expert and deliver quality products according to project timelines and budgets.
- Conduct application security reviews, vulnerability analyses, and risk assessments; identify integration issues. Recommend best practices and integrate mitigation strategies using Web Application Firewalls and the OWASP framework.
- Use technical knowledge of current attacks to identify flaws and weaknesses in the composition and design of networks, remote access schemes, systems, and applications to specify solutions, verify the solutions that have been implemented, and rapidly adjust designs based on new threat and attack information as acquired.
- Provide engineering support, troubleshooting, and evaluation of preventative and detective security technologies such as:
- Malware detection, web/email content filtering, intrusion detection and prevention, and vulnerability management.
- Serve as technical and project lead on IT Security initiatives; partner with System Engineers, Application Development teams, and Architects.
- Maintain security posture by monitoring and ensuring IT Security compliance to standards, policies, and procedures; conduct incident response analyses; develop and deliver training programs to team members.
- Enhance existing architecture and design through planning delivery of solutions; answering technical and procedural questions for team members; teaching improved processes; and mentoring team members.
- Generate and document operational processes, procedures, and incident response plans where necessary.
- Support the Company's diversity and inclusion strategy by following policies and procedures that ensure opportunities for employees and diverse business partners.
- Assist with other job duties as assigned.
- 5+ years of experience designing, deploying, configuring, supporting, troubleshooting, debugging, and administering Network Security Products (Firewalls, Proxy, Intrusion Detection Systems/Intrusion Prevention Systems, etc.).
- 5+ years of experience practicing Change, Problem, and Incident management processes utilizing ITIL in an enterprise environment.
- Minimum of 5 years of experience implementing and troubleshooting F5 BIG-IP solutions (APM, ASM)
- Ability to analyze, use, and configure large enterprise networks.
- Proven crisis management skills.
- Understanding of malware, emerging threats, attacks, and vulnerability management.
- Thorough understanding of network protocols such as TCP/IP and web protocols (HTTP/HTTPS).
- Working knowledge of Firewall technologies.
- Fundamental knowledge of different operating systems (Sun Solaris, Linux, Windows, etc.).
- Ability to initiate and complete assignments accurately and on time, with minimal supervision.
- Ability to work effectively with vendor technical support channels.
- Comprehensive understanding of the terminology, principles, and application of fault tolerance high availability and disaster recovery preparedness.
- Working knowledge of data security controls, protocols, and methods.
- Bachelor's degree in related field preferred.
- Strong written and oral communication skills.
- Ability to effectively lead and influence others without direct managerial authority within an inclusive work environment, using collaboration, coordination, and self-motivation.
- Ability to listen and integrate ideas from diverse groups of individuals, build and maintain respectful relationships, collaborate with others, and resolve conflicts constructively.
- Experience supporting IT service delivery in a highly-regulated and audited environment preferred.