GlobalXperts
IT Security Principal Engineer -NATIONWIDE_
GlobalXperts, Raleigh, North Carolina, United States, 27601
IT Security Principal Engineer - NATIONWIDE
ContractGlobalXperts is a leading IT Solution Provider whose business focus is to provide Day 2 remote monitoring & co-managed support and professional services for advanced Cisco, Microsoft and Data Center solutions. Our Level 1 through Level 3 networking experts (CCNA through CCIE) are available around-the-clock and have a deep understanding of internetworking technologies (Collaboration, Data Center, Borderless networking, Security) and products from leading equipment manufacturers, giving you access to multi-technology support from a single source. Our professional services approach tracks with Cisco's PPDIOO model which is to prepare, plan, design, implement, operate, and optimize. And, while each phase of the service delivery model is strategically designed to build upon the previous phase, GlobalXperts technical staff has been successfully utilized by our customers for any or all phases.The IT Security Principal Engineer will deliver security technical consulting to internal organizations and Information Technology Services (ITS). The IT Security Principal Engineer will evaluate the needs of key stakeholders to find solutions to challenging situations. Primary areas of expertise are IT infrastructure and information security compliance (HIPAA, SOX, PCI, Penetration Testing, etc.).Responsibilities:• Drive SDL across ITS and business segments, for internal and externally facing applications, including Ecommerce sites, Mobility (Android, Apple IOS), and legacy applications;• Source code analysis and remediation using Fortify; Network security assessments and analysis for corporate and non-corporate network environments;• Firewall policy evaluation, review, and design;• Ensure compliance across applications and networks for PCI, HIPAA, and SOX;• Provide training and guidance for security including Threat Modeling, Penetration Testing, SDL, and Code Security Reviews.Minimum Requirements:• Bachelor's degree required, preferably in computer science or information systems;• 5+ years of experience leading penetration testing, application testing, and red team engagements;• 10+ years of Information Technology experience, with a background in Security and Compliance.Additional Requirements:• Experience with security tools such as Nmap, Metasploit, Kali Linux, Burp Suite Pro, etc., as well as other various commercial and self-developed testing tools;• Experience with scripting languages such as Python, Ruby, POSIX shell, as well as familiarity with programming languages such as C/C++/ObjC/C#, Java, PHP, or .NET;• Understanding of:- Web protocols (e.g., HTTP, HTTPS, and SOAP);- Web technologies (e.g., HTML, JavaScript, XML, AJAX, JSON, and REST);• Experience with WLAN security concepts and testing;• Strong technical communication skills, both written and verbal; ability to explain technical security concepts to executive stakeholders in business language;• While experience in a number of IT disciplines may provide a solid framework for this position, hands-on results from performing IT risk assessments, information security consulting or IT audits are most beneficial;• Experience in the following regulations and Frameworks: PCI, ISO 27001/2, HIPAA, GLBA, NIST.All your information will be kept confidential according to EEO guidelines.
#J-18808-Ljbffr
ContractGlobalXperts is a leading IT Solution Provider whose business focus is to provide Day 2 remote monitoring & co-managed support and professional services for advanced Cisco, Microsoft and Data Center solutions. Our Level 1 through Level 3 networking experts (CCNA through CCIE) are available around-the-clock and have a deep understanding of internetworking technologies (Collaboration, Data Center, Borderless networking, Security) and products from leading equipment manufacturers, giving you access to multi-technology support from a single source. Our professional services approach tracks with Cisco's PPDIOO model which is to prepare, plan, design, implement, operate, and optimize. And, while each phase of the service delivery model is strategically designed to build upon the previous phase, GlobalXperts technical staff has been successfully utilized by our customers for any or all phases.The IT Security Principal Engineer will deliver security technical consulting to internal organizations and Information Technology Services (ITS). The IT Security Principal Engineer will evaluate the needs of key stakeholders to find solutions to challenging situations. Primary areas of expertise are IT infrastructure and information security compliance (HIPAA, SOX, PCI, Penetration Testing, etc.).Responsibilities:• Drive SDL across ITS and business segments, for internal and externally facing applications, including Ecommerce sites, Mobility (Android, Apple IOS), and legacy applications;• Source code analysis and remediation using Fortify; Network security assessments and analysis for corporate and non-corporate network environments;• Firewall policy evaluation, review, and design;• Ensure compliance across applications and networks for PCI, HIPAA, and SOX;• Provide training and guidance for security including Threat Modeling, Penetration Testing, SDL, and Code Security Reviews.Minimum Requirements:• Bachelor's degree required, preferably in computer science or information systems;• 5+ years of experience leading penetration testing, application testing, and red team engagements;• 10+ years of Information Technology experience, with a background in Security and Compliance.Additional Requirements:• Experience with security tools such as Nmap, Metasploit, Kali Linux, Burp Suite Pro, etc., as well as other various commercial and self-developed testing tools;• Experience with scripting languages such as Python, Ruby, POSIX shell, as well as familiarity with programming languages such as C/C++/ObjC/C#, Java, PHP, or .NET;• Understanding of:- Web protocols (e.g., HTTP, HTTPS, and SOAP);- Web technologies (e.g., HTML, JavaScript, XML, AJAX, JSON, and REST);• Experience with WLAN security concepts and testing;• Strong technical communication skills, both written and verbal; ability to explain technical security concepts to executive stakeholders in business language;• While experience in a number of IT disciplines may provide a solid framework for this position, hands-on results from performing IT risk assessments, information security consulting or IT audits are most beneficial;• Experience in the following regulations and Frameworks: PCI, ISO 27001/2, HIPAA, GLBA, NIST.All your information will be kept confidential according to EEO guidelines.
#J-18808-Ljbffr