Senior IT Security Engineer
Posted on Sep 5, 2020 by Pierce Technology Corp
GENERAL STATEMENT OF DUTIES
The Senior IT Security Engineer's key functions and responsibilities include analyzing complex problems and assisting with designing, developing and testing enterprise-wide security capabilities, solutions, systems and services. The role also assists IT systems and applications engineers, developers, coders and relationship managers in solving risk and security problems and provides guidance on their applications and use. The Senior Security Engineer will be the escalation point for Junior Security Engineers and Security Operations for security events, incidents and cases (2nd Level Escalation).
The Senior IT Security Engineer's key functions and responsibilities include monitoring, resolving, managing, documenting and reporting on enterprise IT security and information assurance-based events; design, configuration and setup of security systems (in coordination with IT teams and as directed by the CISO); and 2nd/3rd tier or level incidents and case escalations. The Senior Security Engineer will focus on working with the various technical-centric monitoring systems, controls systems and security tools. A high degree of coordination between the IT Service Operations Division and software management teams will be required in this position, as well as managing, reviewing and finalizing enterprise security incidents/cases/alerts to documentation.
A key component of work duties will be to coordinate with remote and/or managed services partners on a regular basis. This position will assist the various EIRSD team members in administering and conducting business impact & risk analyses (BIRA), risk assessments (FDA, HIPAA, SOX, GDPR, GxP, security projects and initiatives) and audit support across all departments. The candidate should have experience or the capability to facilitate and conduct both technical and non-technical risk assessments and audit support for HIPAA, GxP, GDPR, FDA, SOX. The candidate must have significant working experience with MS Word documents, MS Excel spreadsheets and MS PowerPoint. This person reports to the Chief Information Security Officer.
This individual must work effectively with internal IT Divisions, business units, Internal/External Auditors and external customers to be an advocate for customer trust. Key to the success in this position is the ability to articulate clearly and effectively in both written and verbal forms of communications, as well as excellent project management skills. This role will include facilitating the documentation, translation and deployment of business process policies and procedures throughout the company and designing business process controls that ensure policies are properly implemented. The individual will be required to thoroughly test business process and IT controls, clearly document audit work papers, collect and organize audit evidence, and monitor audit remediation activities. The individual will support the administration of eDiscovery, litigation hold, CALEA (if this becomes necessary), and fraud and loss processes within the company.
This position is a senior, high-level technical position requiring, to be effective, a minimum of fifteen (15) years in IT or systems engineering in general, previous work in an IT/OT operations role, working experience in detailed and deep technical roles in software/systems engineering, applications development and/or as a high-tier technical specialist in an organization, and a minimum of eight (8) years in advanced security architecture and engineering at, for example but not limited to, an ISP, MSP or telecommunications company. Other tasks include, but are not limited to:
* Involvement in the implementation of new security solutions
* Participation in the creation and/or maintenance of policies, standards, baselines, guidelines and procedures
* Conducting vulnerability audits and assessments
* Operate as a security strategist
* Support the CISO as required and directed
* Improve, build, or create new enterprise solutions
* Strategy & Design Ownership
* Strategy & Design Reviews
* Participate on Architecture Review Board
* Solutions Architect
* Project Management Ownership, Communication, & Prioritization
* Gather Requirements: Business, Technical, Resources, & Dependencies
* Operations and Technical Documentation
* Vendor Review: Products & Solutions
* ROI & VOI Models
* Proof of Concepts
* Enterprise Architecture liaison and consulting regarding secured data management
* Master data management and Enterprise Architecture security design and requirements
* Evaluate new technologies and products for current and new designs.
* Evaluate and assist with solution creations.
* Establish relationships with partners and vendors of services, software, and hardware to ensure production systems are operating according to specification.
* Define and analyze network & system performance.
* Investigates and resolves problems, inefficiencies, and performance issues.
* Provides ongoing information to management, customers, and peers regarding health of the environment, enhancements, innovations and secure network solutions
* Depicts highly complex ideas, issues and designs to varied audiences; communicates project objectives, scope and direction across project team.
* Data Center element support, including but not limited to firewalls, VPNs, routers, and switches.
* Manage day to day activities for projects involving computer forensics, information security or rapid response data breach matters
* Develop and implement policies related to secure hardware, software, and configuration templates for network elements.
* Create, document, and share technical roadmaps to support network business needs throughout the company.
* Manages projects and project teams for continued attainment of business goals.
* Performs related duties as assigned or requested.
* A minimum of eight (8) plus years of Security Architecture and Engineering and/or Global Hi-Volume Critical infrastructure level Technology Operations.
* A minimum of four (4) plus years of leading projects and/or design teams.
* Technical military and/or law enforcement experience and training is a plus and preferred
* Desired Systems & Operations Technical Skills in the following areas:
* Design, configuration, and implementation of LAN, WAN, and Wi-Fi Ethernet networks
* Routers, Firewalls, load balancers, and intrusion detection & prevention systems
* Concepts and experience with Video solutions and elements
* OS including Windows, Apple, Red Hat, and Ubuntu
* Scripting with Ruby, Python, or Perl
* Penetration Testing and Metasploit
* Encryption systems for email, laptops, servers, etc.
* SIEM technologies: ArcSight, OSSIM, QRadar, LogRhythm, Security Onion and/or others
* Forensic tools: Wireshark, Snort and ELSA
* Database Solutions: Microsoft & Oracle product lines
* Storage Systems: Oracle, NetApp, EMC, and 3PAR
* Anti-virus Systems: CrowdStrike and others
* Content Filtering Solutions such as Blue Coat
* Data Center Applications such as DNS, DHCP, TFTP, etc.
* Must know Applications Security engineering in detail:
* Must know the following in detail:
* IPv4: TCP, UDP, ICMP, IPsec
* IPv6 Construct, multi-layering, etc.
* IP Multicasting, MPLS and VPLS, RIP, OSPF, BGP, and IS-IS
* VoIP: SIP, RTP, SCTP
* Understanding of all OSI, TCP, UDP, IP layers
* CISSP, SANS, ISACA, ISC2, and other industry accepted, and standards body accredited technical and operations certifications
* Strong project management and organizational skills
* Strong customer service focus and skills
* Uncompromised Ethics (partially evidenced by an ANSI or ISO security certification background check)
* Ability to work in a fast-paced environment, demonstrate good logical problem-solving skills, handle multiple tasks, and work efficiently under deadlines
* Working Knowledge and Experience with:
* The following education, accreditation and professional certifications required and highly preferred:
* Travel 10% of time or as needed for projects and initiatives (some travel may be global)
* Proven ability to work in a decentralized and entrepreneurial environment.
* Has passion for efficient business operations, coupled with a deep understanding of the telecommunications industry
* A person who cares about the people with whom they work and their customers and approaches them with integrity and honesty.
* Thrives in an environment where teamwork, accessibility and pragmatism are emphasized, and where reward is based on results.
* Enjoys building relationships and collaboration
* Bright, innovative thinker with a broad range of personal and professional experiences.
* Strong written, oral and presentation communication skills. Has personal and professional maturity that warrants respect and provides an example.
The position will not have direct reports but rather matrix style management to achieve the goals and work as a senior security engineer and solutions architect to optimize and configure any system or technology in the intercept sphere of influence. This role will provide direction, guidance, assistance and/or mentorship to other staff and coworkers as required or requested.
* Applicant may be required to work both inside and outside of the facility.
* On-call and flexible work hours are required. The position will have on call rotation to maintain 24x5 coverage for handling alerts, incidents and events.
* Employee must be able to work in the maintenance window hours on a regular basis if needed.
* The physical demands described in this section are representative of those that _must_ be met by an employee to successfully perform the essential functions of this job.
* Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
* Applicant must have the ability to lift equipment weighing 65 pounds, sit for long periods of time in front of a computer as well as the ability to type and read on a computer.