Our client is looking for a Sr. Security Operations Engineer for a fulltime perm position.
- Responsible for the design and engineering of security solutions for an evolving environment
- Must have experience working with vendor APIs and integrating with Security Information and Event Management (SIEM) platforms and ticketing systems
- Will collaborate closely with other IT Operations & security functions. Validate security configurations, including firewalls, intrusion detection/prevention systems, web applications firewalls, and network/endpoint detection and response platforms
- Design, develop, integrate, and implement security solutions to defend against advanced cyberattacks, hacking and persistent threats
- Tier 2/3 security incident response, including supporting the identification and remediation of infrastructure-related security incidents
- Conduct proof-of-concepts for new security technologies
- Maintain, support and improve security architecture
- Participate in infrastructure and application projects to advise other Enterprise teams of security best practices
- Continuously automate repeated tasks and processes
- Maintain contact with vendors, industry peers, and professional associations to keep informed of existing and evolving industry standards, technologies, and cyber threats
- Be central point of contact for assigned platform/workplace and interface with key stakeholders to ensure security
- Be responsible for all aspects of security and ensure remediation of issues and/or automated methods to inhibit violations of security
- Oversee the team of cyber security vendors, managed services and employees
- Develop state-of-the-art security tools to correlate threats, detect and respond to incidents.
- Oversee SIEM (Security information and event management) or SOAR (Security Orchestration, Automation and Response) functions/tools
- Oversee and manage Incident response and 24/7 SOC
- Manage policies and alerts for Network Security, Firewalls, and content filtering
- Mange Endpoint Security policies and operational functions for both endpoint and servers (antivirus, app white listing, encryption, privileged access management)
- Mange Vulnerability Management function (tool administration, automation and reporting, KPI production)
- Manage alerts and policies for Email Security
- Mange Data Loss Prevention policies for network and endpoint
- Facilitate Cyber Forensics investigations (eDiscovery, Forensics, and Investigations)
- Communicate and coordinate with other IT, groups and business units.
- Assist developing high-level strategic plans and roadmaps.
- Assist developing long-term threat horizons and roadmaps.
- Define, publish, and maintain Information Security policies, standards and guidelines.
- Partner with the enterprise Engineering team and other key IT leaders to create, publish, and continuously improve the information security architecture for the enterprise.
- Align Information Security processes with Cyber Security Framework such as ISO 27001, PCI, NIST, GLI-33 and SCF.
- Drive Security Awareness efforts throughout the organization
- Assist with implementing information security program and security control assessment strategy.
- Provide guidance on security controls involving password and access management, segregation of duties, logging and monitoring, data encryption, data backup and recovery, disaster recovery, business continuity management, etc.
- Review compliance with the information security policy and standards.
- Provide periodic reporting on information security issues and gaps for compliance with the enterprise information security policies, standards, and procedures among employees, contractors, alliances, and other third parties.
- Coordinate the execution of security governance and assessment control initiatives.
- Provide high quality work by ensuring accuracy and seeking to continuously improve information security processes by embracing new and better ways of doing things.
- Investigate, recommend, and follow up appropriate corrective actions for identified security deficiencies and policy exceptions.
- Identify security risks to the business units and ensure appropriate data security procedures are in alignment with policies.
- Act as a liaison to the business and IT groups and assist them in the implementation of data security, compliance requirements, and information security technologies.
- Assist projects as needed by business and provide guidance/training to less experienced staff within the team.
- Carbon Black – Protection & Defense
- Stealth Bits
- FireEye EPT
- McAfee Encryption
- Cisco email security (CES)
- PKI (DigiCert / Microsoft)