Job Details

Email to Friend Save Back

Security Engineer

ORLANDO-32802, FL, US
11/08/2016

-

Required Skills

Network analysis

Company

Infinity Consulting Solutions, Inc

Experience

3 to 5 Year(s)

Job Description

The Information Security Engineer is a key technical resource within the organization on all matters relating to cyber security.

The role is responsible for guiding the IT organization with security technology, standards and expert consulting in the secure deployment and maintenance of information assets.

Principal Responsibilities:

React to evolving threat conditions and advise technology teams on risk and threat remediation.

Work closely with development teams to implement and maintain a robust Security Development Lifecycle

Conduct information security architectural reviews for medium to high risk projects at a key project gates

Provide expert information security consulting to project teams needing guidance beyond the frameworks and standards

Design and drive the implementation and maintenance of appropriate layers of defense to protect the organization’s information assets

Identify and quantify the organization’s information risks and guide the organization in mitigating risk to an acceptable level

Help create an information security engaged and accountable culture within IT

Stay current on common and emerging attack vectors as well as the best tools and practices for thwarting them

Ensure all controls required for regulatory compliance are in place and working as expected

Conduct forensic investigations maintaining chain of custody as appropriate

Respond to information security incidents with expertise to quickly contain and eradicate the threat

Perform regular network and application vulnerability assessments and penetration testing

Ensure the Availability, Confidentiality, and Integrity of our systems and networks.

Experience and Qualifications:

5+ years of experience in advanced network design, implementation, and management

5+ years of experience implementing network, systems, and application security

3+ years of experience in Security Engineering, Security Risk Analysis, Policy, and Procedures

Requires extensive experience in network and information security with a proven track record of success. Must possess detailed experience implementing security policies and infrastructure in datacenter environment, cloud computing or multinational organization.

Strong experience and detailed technical knowledge in security engineering, secure application development lifecycle processes, authentication and security protocols, and cryptography

Strong understanding of IP addressing, subnetting, DNS, switching, VLANs, trunking, advanced routing protocols, TCP/IP ports and services, UDP, different levels of the OSI model, and exposure to common server operating systems

Strong understanding of Linux and Windows operating systems, especially as related to web hosting/SaaS environments

Experience analyzing and correlating information contained within network, event, and security logs

Knowledge and experience of advanced network and security platforms and tools:

Network analysis (e.g. NetFlow, Wireshark), FIM (e.g. Tripwire, OSSEC), Vulnerability analysis (e.g. Nmap, Nessus, BurpSuite), SIEM, IDS/IPS, two factor authentication, and DLP

Knowledge and experience in virus, malware, ransomware, and rootkit prevention, identification, and cleanup

Familiarity with web application platforms such as Apache, Tomcat, JBoss, etc

Familiarity with web application languages such as Java, ColdFusion, PHP, etc

Education:

Bachelor’s in Engineering, Computer Science, Information Technology or Mathematics required

Third Party Applications Not Accepted