Cyber Security Engineer II
Posted on Jun 17, 2022 by Request Technology
*We are unable to sponsor as this is a permanent full time role*
A prestigious company is on the search for a Cyber Security Engineer II. This engineer is focusing on security risks, vulnerabilities, security frameworks (NIST, ISO, SOC), IAM, Firewalls, etc. This person needs to have Scripting experience with Python or PowerShell for automation purposes. This engineer is expected to have at least 2 years of experience in design of strong security architectures that protect networks from threats and vulnerabilities.
- Perform Risk Assessments for IT projects, technologies and third-parties (eg, vendors and service providers).
- Respond to security assessments, questionnaires and audits from clients and third-party business partners.
- Subject matter expert for Information Security, consulting to technical and non-technical management, and attorneys as necessary.
- Evaluate and recommend security technologies and solutions.
- Plan and execute projects to implement new technologies and controls or to upgrade existing ones.
- Create and maintain system, procedural and support documentation.
- Contribute to the development and maintenance of security policies, standards, processes and guidelines.
- Participate in issues management (exception and findings requests) as needed.
- Collect information on emerging threats including software vulnerabilities.
- Coordinate triage of and response to vulnerability information.
- Disseminate this information regularly to firm staff and management as appropriate.
Education, Work Experience, Skills
- Five (5) years of work experience in IT Security is required
- 4-year college degree in information technology or equivalent experience
- Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP) are preferred
- Experience with assessments in Windows and Unix is required
- Knowledge of IT security controls and IT infrastructure is required
- Strong knowledge of cloud technologies such as Microsoft Azure IaaS and SaaS is required
- Scripting/automation experience such as Python, PowerShell and API integrations is preferred
- Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG is required
- 2 plus years' experience in the design of strong security architectures that protect networks from threats and vulnerabilities
- Knowledge of security administration and role based security controls
- Knowledge of authentication technologies and their interaction with different platforms, both on-site and remote
- Knowledge of Identity & Access Management technologies
- Knowledge of anti-malware technologies
- Knowledge of Intrusion Detection and Intrusion Prevention technical capabilities
- Knowledge of both client and server Firewalling technologies and their configuration and administration
- Knowledge of security systems log correlation and analysis
- Knowledge of data encryption technologies
- Knowledge of Endpoint Detection and Response tools
- Knowledge of vulnerability assessment and forensic tools
- Knowledge of web filtering and email SPAM prevention techniques
Certificates, Licensures, Registrations
- Certified Information Systems Security Professional (CISSP), Certified Ethical Hacker (CEH), Offensive Security Certified Professional (OSCP) are preferred.