The IT Security Engineer is responsible for a variety of IT Security related support tasks which ensures the development, implementation, monitoring and maintenance of security controls governing processes, procedures, and systems. This individual will identify, collect, analyze, interpret, and assist in the development of security metrics and reports. Which will include actively working with senior IT Security staff, Systems Administrators, Network Team, Application Experts, and IT Service Desk to ensure IT Security Policies and Procedures are implemented correctly.
The IT Security Engineer must be results oriented, should be able to work under pressure, and assist senior members of the IT Security team to solve complex information security problems. In addition, the individual must have good verbal and written communication skills, be able to work efficiently in a team environment, and be able to provide guidance to junior members of the IT.
These responsibilities also include, ensure current IT Security Controls and toolsets are aligned with company policy, legislative and business data security requirements, such as GLBA, PCI, SOX, SOC, etc
• Perform vulnerability assessments, scanning and risk reviews using vulnerability scanners and exploitation tools
“We are an equal opportunity employer and drug-free workplace. If offered employment, applicant must be willing to submit to a background check/drug test.”
|Requirements||Bachelor’s degree in Information Technology is preferred. Two years of equivalent combination of education and experience in Systems Administration or Information Security.
Two years Systems Administration experience required.
Preferred two years of experience in execution of Information Security programs, tools, processes and best practices.
Must possess Security+ certification
Knowledge of how to properly secure Windows servers, Linux/Unix, and desktop systems
Knowledge of common application vulnerabilities, current threat vectors and mitigations
Hands-on experience with;
◦ Port and network scanners such as NMAP
◦ Vulnerability Assessments tools such as Qualys, Nessus
◦ Penetration and Vulnerability validation tools such as, Metasploit
◦ Log Management or SIEM solutions such as Solarwinds LEM
◦ Office 365 data protection tools, such as Azure RMS
◦ Anti-Malware solutions such as Sophos
◦ Data Classification tools, such as Identity Finder
◦ Intrusion Prevention Systems such as Cisco Firepower
◦ Web Application Firewall, such as Akamai WAF
Experience working with IP networking, networking protocols and understanding of security related technologies
Experience with VMware
Experience working with internet and web application security techniques (SANS and OWASP)
Experience working with leading firewall, scanning and intrusion detection technologies
Experience working with logging and file integrity monitoring tools
Familiarity with IT security standards and best practice frameworks (Cobit, ITIL, PCI, SOC, and SOX)
MS Office, Detailed-oriented with strong analytical and problem solving skills, strong ability to think strategically and analyze
information timely and accurately, strong interpersonal communication skills to deal effectively with all levels of the
Excellent written and verbal communication skills required.