VantageLinks is dedicated to Information Technology (IT) staffing through direct placements, contract-to-hire, and contract services. We currently have an opening for a Sr. Cybersecurity Engineer with one of our premier clients.
This position functions as a member of the enterprise Security Engineering organization, focusing on the application of cybersecurity concepts and controls as applied to information technology design and implementation.
He/She will work across the organization to ensure the design, development and implementation of both new and existing security capabilities and standards including threat modeling, vulnerability management, analytics, incident response and investigative support across the network security landscape. The Sr. Cybersecurity Engineer will both develop and adhere to CLIENT’s network security design principles and information protection policies. Focus will be on assuring the security of the computing environment, protecting customer and employee confidential information, and complying with regulatory requirements. This is accomplished through strong information risk governance, active collaboration with business risk managers, and providing high quality security solutions and services that ultimately work to improve overall risk posture.
Security Engineering acts as a collaborative partner to the CISO in protecting the Confidential Information of our members, clients, partners, employees, and the corporation. Our mission is to deliver, optimize, and maintain a comprehensive ecosystem of security control technology, solution designs, methods, and processes to detect, deter, and prevent compromise of our systems and data theft from both internal and external sources, and to protect against the unintentional misuse and exposure of confidential information. We will ensure that security controls are being monitored, that they remain viable, that they are performing as expected, that they are alerting, and collecting data that is useful in providing threat intelligence. We will remain vigilant in assessing our attack surface and staying abreast of current and emerging threats.
- Identify areas for architectural, engineering, and operational improvements of existing security solutions
- Engineer, implement and monitor security measures for the protection of computer systems, networks and information
- Design computer security architecture and develop detailed cyber security designs
- Complex planning and analysis to determine what tools, technologies, processes, and controls are needed to meet security objectives.
- Develop and update security metrics for framework maturity, security posture governance, and reporting
- Perform systems security engineering activities for deployment of new enterprise cyber security technologies
- Ensure all security technologies and solutions are operating at a high level of assurance and properly integrated into SIEM solution(s).
- Be a strong partner and collaborate with company Information Risk Management organization in identifying and developing solutions for evolving threat model.
- Identify risks/gaps and make recommendations for remediation.
- Stay current on the latest and emerging cyber threats and threats to enterprise information security and proactively work to address risk.
- Prepare and document standard operating procedures and protocols
- Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks
- Ensure that the company knows as much as possible, as quickly as possible about security incidents
- 8 + years of proven work experience as a system security engineer or information security engineer
- Experience in building and maintaining security systems
- Hands on experience in security systems, including firewalls, intrusion detection systems, anti-virus / anti-malware software, authentication systems, log management, content filtering, email security DLP and remote access
- Experience with network security and networking technologies and with system, security, and network monitoring tools
- Experience with computer and end-point security solutions and technologies
- Experience with penetration testing, vulnerability management, forensic investigation and red team / blue team exercises
- Thorough understanding of the latest security principles, techniques, and protocols
- Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols and application security concepts including WAF.
- Basic working knowledge of Unix/Linux operating systems and concepts
- Scripting / automation background a plus
- Security certifications a plus (CISSP, SSCP, CISA, etc.)
- Bachelor’s degree in Cybersecurity / Information Security or related experience
We are unable to accept H1B candidates and, please no staffing agencies.