Senior Information Security Engineer

We are seeking an experienced senior information security operations engineer with a broad-based background in cloud security, vulnerability assessment, security log management and incident response. This is a senior-level technical role in a fast-paced growing security organization.

Responsibilities

• Working with security tools and API integration work including writing scripts and development of automation around detection and remediation activities.
• Given the growing nature of the organization, you will work closely with other internal and external groups and may also assist in other security activities as necessary in response to assessments and/or audits.
• Implementing and improving a cloud(AWS experience preferred) security program vulnerability management and security log collection and monitoring tools, analyzing data from those tools and providing recommendations for security improvements to existing processes and technology, and participating in and leading incident response efforts.
• Identification and remediation of OS and network security weaknesses and vulnerabilities
• Respond to internal and/or external reports, events, and incidents (e.g. scanning, hacking, phishing)

Qualifications

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed are representative of the knowledge, skill, and/or ability required:

• Bachelor’s in computer science (or equivalent) degrees
• Minimum of 5+ years of documented information security work experience
• At least 5+ years of system/network security experience, including threat modeling, threat assessments, risk identification techniques, penetration testing
• Detailed knowledge of network and Web related protocols (e.g., TCP/IP, IPSec, HTTP, SSL, routing protocols)
• Experience designing and implementing controls around a cloud environment, AWS experience preferred.
• Experience with planning, deployment, and operation of large enterprise security management tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, anti-virus, firewalls, identity management, NAC, MDM etc.
• Demonstrated experience with malware remediation.
• Experience in one or more technical forensic tools
• Experience with Splunk from systems deployment and endpoint configuration to log analysis and interpretation.
• Ability to identify signs of intrusion or infection on a variety of systems.
• Expertise in administration of enterprise OS’s
• Ability to move seamlessly between a hacker / attacker mindset and a security engineer / defender mindset
• Hands on experience with Nmap, vulnerability scanners, ZAP, Kali, MetaSploit, Wireshark, Kismet, Aircrack-ng
• Penetration testing experience
• Application and database security experience, including code reviews
• Network and security engineering experience, including log and network traffic capture analysis
• IT security certifications (SANS GIAC, CISSP, CCNA Security, CCNP Security, RHCSA or RHCE, AWS Security) are a plus
• Experience with advanced malware technologies is a plus

#LI-KB1