Our client is seeking a talented Security Engineer to join a small team of exceptional security specialists. This is a mid-size organization where an engineer will be able to perform a wide range of duties to complement their existing skillset.
For immediate consideration email: Ryan.Rhodes@RHT.com
• Perform system security administration on designated technology platforms, including operating systems, applications and network security devices, in accordance with the defined policies, standards and procedures of the organization, as well as with industry best practices and vendor guidelines.
• Perform installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems.
• Perform threat and vulnerability assessments, in some cases followed by appropriate remedial action, to ensure that systems are protected from known and potential threats and are free from known vulnerabilities.
• Apply patches where appropriate and, at the direction of the Assistant Vice President, IT Risk, remove or otherwise mitigate known control weaknesses, such as unnecessary services or applications or redundant user accounts, as a means of hardening systems in accordance with security policies and standards.
• Research, recommend, evaluate and implement information security solutions that identify and/or protect against potential threats, and respond to security violations.
• Participate in infrastructure projects to develop, plan, and implement specifications for network and distributed system security technologies in support of key information systems.
• Respond to and, where appropriate, resolve or escalate reported security incidents.
• Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution.
• Locate and repair security problems and failures.
• Collate security incident and event data to produce exception and management reports.
• Develop and maintain documentation for security systems and procedures.
Technical Knowledge:
• Knowledge of information security principles, including risk assessment and management, threat and vulnerability management, incident response, and identity and access management.
• Technical proficiency with security-related systems and applications, especially application-aware firewalls and intrusion prevention systems.
• Strong knowledge of next-generation firewalls such as FortiGate, Palo Alto, or Check Point firewalls, with FortiGate/FortiManager preferred.
• Strong knowledge of Cisco Access Controls required.
• Strong knowledge of TCP/IP and network administration/protocols.
• Experience with Wireless Intrusion Prevention Systems such as Mojo/AirTight, and LogRhythm SIEM a plus.
• Experience in developing, documenting and maintaining security procedures.
• Knowledge of network infrastructure, including routers, switches, firewalls, and associated network protocols and concepts.
• Working technical knowledge of current systems' software, protocols and standards.

Experience: 3+ years of information technology experience required, with at least 3 years' information security experience with solid background in information security and data privacy protection preferred.