Sr Security Engineer
The successful candidate will be responsible for designing, implementing, and maintaining information/network security systems for Client’s service provider and management networks. The incumbent must possess skills that enable him or her to troubleshoot and maintain security applications and equipment that support both an Internet Service Provider business and a Network Operations environment.
The successful candidate must have a proven technical-security background, with emphasis on identity and security technologies, including an understanding of Information Security fundamentals (such as the ISC2's Common Body of Knowledge, United Kingdom's Common Criteria, and ISO 17799). A strong desire to promote solid Information Security awareness/practice throughout the enterprise is critical, as the candidate will be asked to provide subject matter expertise to other areas inside enterprise.
• Participate in the strategic design and architecture of a complex, high-scale enterprise Security program.
• Responsible for the evolution of the Security alerting and monitoring program by implementing and executing integration processes, frameworks, and activities.
• Responsible for the operational support of all Network Security Operations alerting and monitoring management platforms to ensure stability, uptime, and security.
• Lifecycle management of new security systems and applications with existing environments.
• Assist with the decommission or migration of existing environments.
• Write technical documents as necessary describing base security requirements and architecture.
• Experience with at least one of the following: Fortinet, CheckPoint, or Cisco ASA firewalls. Must have experience in design, installation, configuration, and operations.
• Strong skills in system administration for Linux and Windows operating systems.
• Development of identity and access governance framework and methodologies.
• Preference will be given to candidates with experience in at least one of the following:
o SIEM technologies and methodologies
o Shell Scripting
• Knowledge of network protocols, data flows, and vulnerabilities within a TCP/IP environment.
• Familiar with fundamental networking concepts.
• Must be able to work well in team environment.
• Independent problem solver; self-directed, self-starting.
• Good inter-personal and communication skills.
• Good personal organizational skills.
• Ability to prioritize and work issues via ticketing system.
• The ability to multi-task and meet deadlines in a fast-paced, dynamic operations environment.
• Available and willing to be in a 24x7 on call rotation
• Ability to lift at a minimum 50 pounds.
• Strong understanding of alerting and monitoring security fundamentals.
• Strong understanding of system design.
• Security system deployment methodology
• Defense in depth strategies
Security Product Knowledge:
• Familiarity with RSA Ace (SecurID), Active Directory and OpenRadius
• Solaris or Redhat
• Windows 2003 and newer
• Experience with Cisco ACS/ISE
• Fortinet, Checkpoint, Juniper and Cisco firewalls a plus
Certification / License:
• CISSP / CISM (Preferred)
Special Requirements/ Certifications:
Physical Requirements: (Not Editable)
Minimum Requirements: (Not Editable)
College degree in Engineering or a related field and 5-7 years professional level experience with 0-2 years supervisory experience for roles with supervision; or 9+ years professional level related Engineering/Technical experience with 0-2 years supervisory experience for roles with supervision; or an equivalent combination of education and professional level related Engineering/Technical experience required.
Education: (Not Editable)
College degree in Engineering
• Est. End Date: 6 months- convert to hire
• Work Location Address (Able to work remotely?): Greenville, SC/Rochester, NY/Atlanta, GA and yes they can work remote so technically they can sit anywhere in the US
• Work Schedule/Hours Required: 1st shift
• Top 3 Skills:
Firewall Vendors: Fortinet, CheckPoint and Cisco ASA
Expert knowledge of Security Engineering Design, deployment and support
Expert ability to troubleshoot, isolate and resolve firewall related events
Strong knowledge of 2FA, TACACS and Radius Authentication (Cisco ISE/ACS, SecureID RSA or PINGID)
Strong understanding of firewall Rules and Policies