The Senior Security Engineer will be an experienced technical lead for the IDS Information Security team. You will help architect, implement and configure security tools to meet the security program’s needs. You will be a technical expert who has a deep understanding of the security domains, knowledge of exploits and threats, and a desire to run a proactive security operations program.
Essential Duties and Responsibilities:
- Ensure the confidentiality, integrity and availability (CIA) of critical systems.
- Conduct health checks on security processes and tools.
- Automate testing tools.
- Improve security infrastructure and reporting.
- Influence security architecture and security operations.
- Support compliance and audit activities.
- Analyze and correlate SIEM feeds.
- Provide advanced security operations and engineering support for Windows servers, endpoint security, computer forensics, vulnerability/penetration assessment/mitigation, and security event management (SIEM).
- Monitor and maintain security systems in accordance with company policies.
- Report corporate security violations.
- Investigate and report incidents as required by company, local, state, federal and regulatory requirements.
- Identify information security weak points, and work with other teams and third-party vendors to resolve them.
- Develop innovative improvements to security system capabilities.
- Application pen-testing and remediation.
- Assess the appropriateness and effectiveness of security measures and recommend enhancements.
- Participate in post-mortem investigation of security incidents and prepare security incident reports.
- Work on various special projects as needed.
- Other duties as assigned.
- Curiosity and creativity in breaking and defending modern web applications.
- Scripting skills to develop and improve security and user data analysis tools.
- Comfort with network, server, and application log analysis and correlation.
- Working experience and knowledge of Windows operating systems and web servers.
- Be results oriented, highly energetic and self-motivated.
- Ability to confidently and simply explain technical security issues without hype or buzzwords.
- Demonstrate outstanding teamwork skills.
- Have the ability to work with technical and non-technical business owners to get things done.
- Have the ability to handle multiple competing priorities in a fast-paced environment.
- Strong understanding and working knowledge of networking and web technologies, identity and management systems, forensics, incident response, and investigation.
- Proven ability to share knowledge, resolve conflict, create consensus, and lead complex projects.
- Proven ability to plan, test, and implement security controls.
- Comprehensive knowledge of IDS/IPS, NextGen and applications firewalls, VPN, DLP, data encryption, SIEM, vulnerability and penetration testing, Windows and database security.
- Ability to react quickly in a fast-paced, rapidly changing environment.
- Strong ability to take ownership of assigned tasks and responsibilities.
- Must display high level of critical thinking in order to weigh alternatives and present solutions that are consistent with requirements.
- BS in technology, math or equivalent work experience required.
- Minimum of 5 years of experience providing network, applications, and systems security administration services in a mission critical environment required.
- Experience implementing and configuring common security tools, appliances and agents.
- Understanding of advanced security protocols and standards, including a demonstrated ability to perform complex analysis and produce information security metrics, preferred.
- Experience with the following: application and network security testing tools, intrusion detection and prevention tools, event correlation tools.
- Experience with web application security pen-testing.
- Knowledge of information security frameworks and industry regulations (NIST, ISO, COBIT, PCI, SOX).
- GPEN, GWAPT, ECSA, LPT, CASP+ or similar advanced security certifications are preferred.
- Knowledge of US banking security regulations (OCC / FFIEC, GLBA) preferred.
- Experience in a PCI-compliant environment.
- Security monitoring, network and applications security, systems access control, identity and access management, penetration and vulnerability assessment, analysis and reporting, forensics and investigation.
Travel: Ability to travel 20%, must have a valid driver’s license with good driving history.
Salary: Depending on Experience and Education