fulltimejobs.com
Jobs in Australia Jobs in Canada Jobs in China Jobs in France Jobs in Germany Jobs in India Jobs in Indonesia Jobs in Japan Jobs in Malaysia Jobs in Pakistan Jobs in Philippines Jobs in Russia Jobs in Singapore Jobs in Taiwan Jobs in Thailand Jobs in U.K. Jobs in USA Jobs in World Wide

Job Details
Email to Friend Save Back

Senior Security Engineer

ADDISON-60101, IL, US
 07/16/2018

-

Required Skills

    Python, Java
Company

Infinity Consulting Solutions, Inc

Experience

-

Job Description

Job Description:

Procure and implement new cyber security technology - Ensuring that technologies are procured within budget and delivered to the company in a timely manner.

Consult with colleagues throughout Information Technology - Ensure that new applications and infrastructure are secure from the project initiation phase.

Vulnerability Management & Penetration Testing - Strong knowledge of network and web application exploitation, ethical hacking, penetration testing, computer forensics and tool development.

Configures, schedules, manages and reviews internal and external network and application vulnerability scans and penetration tests.

Monitors and reviews industry related vulnerabilities reviewing findings with appropriate teams, creating remediation plans and tracks and reports on progress

Secure Development - Build strong relationships and be deeply embedded within product management and software engineering team. The Senior Security Engineer will drive the design and adoption of secure software development lifecycle practices across the areas of secure architecture and design, secure coding, security testing, and secure software release management.

Cloud Security - Build a secure cloud environment and help drive the adoption of secure coding and deployment practices in AWS.

Incident & Cyber Threat Management - Works with the appropriate teams to ensure all appropriate data is aggregated into the logging and monitoring tool and that the appropriate reports are produced and reviewed.

Infrastructure Security - Works closely with the Infrastructure and Application
Development teams to ensure proper configurations are implemented and tested on WAF, FW, IDS/IPS and platform

Patch Management and End-Point Protection - Reviews all patches and updates released related to the company operating systems.

This includes but is not limited to standard operating systems, hardware bios and firmware, appliances and any other mission critical systems or services.

Plan and coordinate routine and emergency outage windows through coordination with Information technology and business units and communications to co-workers and consultants.

Training & Awareness - Assist with the development of security awareness programs and the associated training

Data preparation and gathering for audits - Works closely with infrastructure and engineering team in technology to gather information and the appropriate business units to compile all documentation and reporting as required.

Skills Needed:

5 - 10 years of experience working in technology and development with a specialty in security in a complex environment, focusing on protection of intellectual property and sensitive data.

Strong knowledge of network and web application exploitation, ethical hacking, penetration testing, computer forensics and tool development

Cloud Security experience (AWS, O365)

Advanced experience with security technologies including Intrusion Detection & Prevention
Systems (IDS/IPS), Firewalls & Log Analysis, SIEM, Network Behavior Analysis tools,
Antivirus, and Network Packet Analyzers, and Malware analysis and forensics tools

Strong knowledge of vulnerability assessment, scanning and tools

Experience with software application best practices (e.g. OWASP, CWE/SANS)

Experience creating and maintaining security policies and standards

Working knowledge of security best practices and standards such as ISO27001, ISO27002, PCI-DSS

Ability to think logically and analyze security requirements and convert them to accurate security plans to mitigate risk

Analyzes relevant cyber security event data for attack indicators and breaches that may yield detection/prevention content

Ability to effectively manage multiple concurrent priorities and meet deadlines within a dynamic, fast paced and challenging environment

Strong interpersonal and communication skills

Demonstrate the ability to clearly articulate complex technical scenarios to a non-technical audience

Technology Used:

WAF, Static Code analysis, Qualys, Whitehat, AWS, Internet Secure Gateway, Checkmarx, DLP, Splunk, Python, Java, Node.JS


Security Architect
Information Technology
No Preference
FullTime Job
Other
1
Candidate Requirements
-
-
Walkin Information
-
-
-
Recruiter Details
Doug Klares
1350 Broadway, Suite 2205, NEW YORK-10018, NY, US
- 
Email to friend Save Back