The Enterprise Information Senior Security Engineer works with the Manager of Enterprise Networking Services and Security to develop, implement, and communicate IT Security products, policies and procedures for the organization.Â
The ideal candidate must have hands on experience solving technical security problems.
As the senior technical point of contact for security this individual should be a self-starter, able to provide expert security monitoring and management with little or no direct supervision.Â Â Resolve difficult security mandates and solve complex challenges as it relates to security and business operations.
- Assists in the enforcement of security policies and procedures by administering and monitoring data security, reviewing security violations, investigating possible security exceptions and documenting security controls.
- Assists in the response to PCI and SOX controls audits where information or data security is indicated.
- Provides customer service and support at all levels of the organization.
- Maintains IT security for a 24-hour per day, 7-day per week enterprise environment.
- Participates in the evaluation and deployment of products to enhance productivity and effectiveness of information security across the organization.
- Provides direct support and guidance to administrative and IT technical staff for security related issues.
- Participates in the development and implementation of enterprise security strategies.
- Assists in the securing of all enterprise components including servers and networking devices.
- Works in a collaborative manner with multiple business units.
- Previous experience in a security role for a PCI or HIPPA environment strongly desired.
- Solid technical understanding of Windows, Unix, and Linux Operating systems.
- Broad knowledge of hardware, software, and networking technologies.
- Experience managing security technologies such as password automation, data loss prevention, network access control, content proxies, configuration and log management, certificate management, firewalls, and vulnerability scanners.
- Familiarity with one or more database technology such as Oracle, MS SQL Server, MySQL.
- Understanding of common open source vulnerability tools such as Nessus, Metasploit, NMAP, WebScarab/Burp Proxy.
- Participate in a technical on call
Education and Experience:
- Bachelor’s degree or acceptable amount of applicable technical experience.
- At least 4-6 years of full-time, professional technology experience with emphasis on information security, forensic investigatory processes and procedures, and the monitoring, analysis and auditing of IT security environments.
- Possession of an industry-recognized intermediate or advanced information technology security certification, such as CompTIA Security+, CISSP, CEH, or equivalent.