Sr. Security Operations Engineer

Philadelphia, PA
Our client is looking for a Sr. Security Operations Engineer for a full-time permanent position.

Security Engineer

Responsibilities
  • Responsible for the design and engineering of security solutions for an evolving environment
  • Must have experience working with vendor APIs and integrating with Security Information and Event Management (SIEM) platforms and ticketing systems
  • Will collaborate closely with other IT Operations & security functions. Validate security configurations, including firewalls, intrusion detection/prevention systems, web application firewalls, and network/endpoint detection and response platforms
  • Design, develop, integrate, and implement security solutions to defend against advanced cyberattacks, hacking and persistent threats
  • Tier 2/3 security incident response, including supporting the identification and remediation of infrastructure-related security incidents
  • Conduct proof-of-concepts for new security technologies
  • Maintain, support and improve security architecture
  • Participate in infrastructure and application projects to advise other Enterprise teams of security best practices
  • Continuously automate repeated tasks and processes
  • Maintain contact with vendors, industry peers, and professional associations to keep informed of existing and evolving industry standards, technologies, and cyber threats
  • Be the central point of contact for the assigned platform/workplace and interface with key stakeholders to ensure security
  • Be responsible for all aspects of security and ensure remediation of issues and/or automated methods to inhibit violations of security

Security Operations:

Responsibilities
  • Oversee the team of cyber security vendors, managed services and employees
  • Develop state-of-the-art security tools to correlate threats, detect and respond to incidents.
  • Oversee SIEM (Security information and event management) or SOAR (Security Orchestration, Automation and Response) functions/tools
  • Oversee and manage Incident response and 24/7 SOC
  • Manage policies and alerts for Network Security, Firewalls, and content filtering
  • Manage Endpoint Security policies and operational functions for both endpoints and servers (antivirus, app whitelisting, encryption, privileged access management)
  • Manage Vulnerability Management function (tool administration, automation and reporting, KPI production)
  • Manage alerts and policies for Email Security
  • Manage Data Loss Prevention policies for network and endpoint
  • Facilitate Cyber Forensics investigations (eDiscovery, Forensics, and Investigations)
  • Communicate and coordinate with other IT groups and business units.
  • Assist in developing high-level strategic plans and roadmaps.
  • Assist in developing long-term threat horizons and roadmaps.

Compliance:

Responsibilities
  • Define, publish, and maintain Information Security policies, standards and guidelines.
  • Partner with the enterprise Engineering team and other key IT leaders to create, publish, and continuously improve the information security architecture for the enterprise.
  • Align Information Security processes with cyber security frameworks such as ISO 27001, PCI, NIST, GLI-33 and SCF.
  • Drive Security Awareness efforts throughout the organization
  • Assist with implementing the information security program and security control assessment strategy.
  • Provide guidance on security controls involving password and access management, segregation of duties, logging and monitoring, data encryption, data backup and recovery, disaster recovery, business continuity management, etc.
  • Review compliance with the information security policy and standards.
  • Provide periodic reporting on information security issues and gaps for compliance with the enterprise information security policies, standards, and procedures among employees, contractors, alliances, and other third parties.
  • Coordinate the execution of security governance and assessment control initiatives.
  • Provide high quality work by ensuring accuracy and seeking to continuously improve information security processes by embracing new and better ways of doing things.
  • Investigate, recommend, and follow up appropriate corrective actions for identified security deficiencies and policy exceptions.
  • Identify security risks to the business units and ensure appropriate data security procedures are in alignment with policies.
  • Act as a liaison to the business and IT groups and assist them in the implementation of data security, compliance requirements, and information security technologies.
  • Assist projects as needed by business and provide guidance/training to less experienced staff within the team.

Tools:
 
  • Carbon Black – Protection & Defense
  • JAMF
  • Checkpoint
  • Stealth Bits
  • FireEye EPT
  • Tenable
  • PDQ
  • Bomgar
  • McAfee Encryption
  • Cisco email security (CES)
  • PKI (DigiCert / Microsoft)

 
