GET THE FREE NATIONAL CYBER SECURITY APP FOR YOUR PHONE AND TABLET
CEB (NYSE: CEB) is the leading member-based advisory company. By combining the best practices of thousands of member companies with our advanced research methodologies and human capital analytics, we equip senior leaders and their teams with insight and actionable solutions to transform operations. This distinctive approach, pioneered by CEB, enables executives to harness peer perspectives and tap into breakthrough innovation without costly consulting or reinvention. The CEB member network includes more than 16,000 executives and the majority of top companies globally.
The IT Security Engineer has responsibility for the support, engineering, project guidance, consultation and operational research/resolution as well as documentation for PDRI-CEB client facing and Corporate enterprise security profile. This role is responsible for implementation, maintenance, documentation and operation of information security controls. The IT Security Engineer will maintain and/or enhance, document, and upgrade the integrity of all systems technology landscape through direct and collaborative efforts in research, design, configuration, maintenance, and support of the hardware, systems and interfaces that comprise PDRI-CEB’s hybrid cloud operating environment. The IT Security Engineer will also assist in architectural design, procurement, and evaluations of additional resources for the infrastructure.
This position will provide technical oversight for the technologies and security policies associated with (but not limited to) Data, Processes and Systems including Servers, Network Devices, Storage Area Networks, VPN, Firewalls, etc. and will create and enforce policies and procedures associated with the effective and efficient administration of such component systems in order to obtain and maintain required security certifications such as FEDRAMP, NIST, ISO, Sarbanes-Oxley, etc. Finally, this position will review system and firewall logs, as well as announcements of new security vulnerabilities, in order to identify actionable information and document resolution (action taken) to mitigate vulnerabilities.
•Provide security guidance, documentation, and driving infrastructure decisions in collaboration with other technical and management stakeholders, ensuring Security principles are being upheld and no violations of Security Policy is taking place.
•Possess an understanding of security monitoring products across tools and platforms (Log Management analysis, Intrusion Detection analysis, Vulnerability Scanning analysis, etc.).
•Work closely with senior management, systems operations staff, software development staff, support staff, and end-users to ensure rapid resolution of Security issues (Network and Host based Firewall changes, IPsec policy changes).
•Work face-to-face with multiple stakeholders interviewing, planning, or participating in a team effort to bring multiple complex projects to completion in a highly motivated, fast paced environment.
•Defining and/or refining SLAs / OLAs in order to meet technical, operational, security and business needs.
•Support others in analyzing and resolving difficult technical problems (act as 3rd tier support as appropriate).
•Act as Subject Matter Expert (Systems Security) and escalation resource as appropriate (network, server and application troubleshooting).
•Maintain current knowledge on Security Industry, Sarbanes Oxley, ISO, FEDRAMP, DIACAP, NIST and other standards as appropriate.
•Conduct in-depth technical reviews of new and existing IT systems in order to identify the appropriate mitigation strategies required to bring these systems into compliance with established policy and industry guidelines (Best Practices if available).
•Engage in ongoing research of emerging trends and new technologies which may benefit PDRI-CEB’s goal of strategically implementing technology to enhance business performance, and specifically support the Information Systems security function.
•Performs other duties as required.
•Must have a Bachelor’s degree in IT Security, Computer Sciences or relevant field with 8+ years of experience.
•One or more of the following certifications: GSEC, GCIA, GCIH, CCNA Security, CISA, CISM, CCSP, MCSA/MCSE 2012 and/or CISSP.
•In-depth knowledge of security and privacy best practices.
•In-depth knowledge of NAC systems, such as Cisco ISE, 802.1x wired/wireless, TACACS, Etc.
•In-depth knowledge of Web Application Firewalls
•In-depth understanding of standard protocols (i.e., TCP, FTP, HTTP, DNS, DHCP, RADIUS, SNMP, and SMTP) in addition to routing protocols.
•Hands on experience with forensics based investigation of Windows and Unix based systems for the purpose of detecting the root cause of Information Security incidents. Ability to develop detection and response mechanisms.
•Ability to perform risk assessments and build risk mitigation plans.
•Knowledge of IT security architecture and design (firewalls, Intrusion Detection Systems, Server Infrastructure, Vulnerability Scanners, Virtual Private Networking, virus protection technologies, and Log Management among others).
•Knowledge of LAN/WAN design and internetworking technologies.
•Knowledge of Microsoft server products including Windows Server, Active Directory, Certificate, Federation, IIS and SQL Server.
•Experience with managing vendor relationships and leading consulting firms on projects.
•Working knowledge of systems infrastructure technologies.
•Strong analytical, JR project management and technical problem solving skills.
•Passion for teamwork, career growth, and knowledge sharing.
•Ability to adapt quickly to change and to influence matrix organization to conform and support Security Policies.
•Written and oral communication skills, teamwork and organizational skills.
•Strong ability to function independently or as a part of an integrated cross-functional team.
Familiarity with SDLC, ITIL, and PMP methodologies
Must be able to obtain and maintain a security clearance (US Citizen).
Proven technical documentation experience.
Excellent customer service skills.
Ability to work scheduled and not scheduled maintenance windows after hours