Technical Support International, Inc.
IT Security Engineer
Technical Support International, Inc., Boston, Massachusetts, us, 02298
Job Description
IT Security Engineer - T2 (certifications a plus) Introduction Technical Support International (TSI), founded in 1989 and based in Foxboro, MA, is a provider of IT and Cyber Security Services for small and medium sized businesses throughout New England. Our main purpose is to serve our clients’ technology and security needs while adding value to their business by allowing them to focus on their core competency. TSI’s expertise is providing managed network and security services, remote and onsite IT support, and project management to our clients. Our experienced, and highly trained engineers offer customers thought leadership in areas of IT – a requirement for organizations in today’s complex IT and Cyber Security environment. TSI is committed to providing its clients with the highest quality of support and considers each client a partnership. Position Summary The IT Security Engineer will be a key member of the security team for an MSP/MSSP and have a comprehensive skill set in network security operations, cyber security tools, intrusion detection and secured networks. This position will work closely with the leadership team and key clients to improve their security posture. This is a hands-on role that requires analyzing the environment, coordinating data gathering and generating solutions on a day-to-day basis as well as contributing to the long-range planning activities of the overall IT team. The IT Security Engineer will assist with projects and investigations related to threat management and security breaches for clients, write security assessments, and develop policies to address problems and security emergencies and make recommendations to clients. Primary Responsibilities Consult and participate in day-to-day security operational activities with clients; Confirm and document client vulnerability and security risks and develop mitigation plans; Monitor and validate client security controls; Respond to security alerts, incidents, and issues; Ensure security controls meet multiple compliance needs and best practices; Participate in conducting and writing client Security and Risk Assessments; Consistently review relevant Cyber Security Compliances to educate clients on revisions and changes in requirements; Assist in investigating security breaches by leading the incident response to minimize impact, determine the cause of the breach, and ascertain the extent of the damage; Light travel to client locations where necessary; Other duties as required. Knowledge & Skills Experience with network/cyber security engineering: design, implementation, optimization, monitoring, and troubleshooting of LAN, WAN, WLAN and DR networks; Demonstrated best practice usage of security technologies and policy administration: Firewalls, IDS/IPS, DLP, Proxy, Endpoint, Vulnerability scanning and management, SIEM/logging, security groups and network segmentation, system hardening, incident response and malware/virus prevention; Experience with network security technologies including Rapid Fire, SolarWinds, Sophos, BlueCoat, SonicWALL, Cisco, CrowdStrike, and Splunk; Documenting security controls, monitoring and alerting around these controls; Clear understanding of virtualization technologies such as VMWare and Hyper-V; Knowledge of multi-tier application architecture on infrastructure and cloud environments; Demonstrated skill securing sensitive data in production environments; Self-starter with strong work ethic willing to identify issues and lead them to conclusion; Ability to see the big picture and present ideas clearly with demonstrated thought leadership to clients; Capable of meeting with clients to discuss cyber security solutions and recommendations. Education and Technical Qualifications: Bachelor's degree in Information Technology or other engineering or technical discipline; At least 4 years IT experience and minimum 2 years Cyber Security Information experience; four-year relevant experience may be substituted with professional certification. Industry security certifications a plus, [Ex. Certified Information Systems Security Professional (CISSP), CISA Certified Information Systems Auditor (CISA), CEH Certified Ethical Hacker (CEH), CISM Certified Information Security Manager (CISM), ISSAP Information Systems Security Architecture Professional (ISSAP), ISSEP Information Systems Security Engineering Professional (ISSEP)]; Experience with Linux, Windows 7/10, Windows Server 2003/2008/2012/2016, Windows Domains, Active Directory, and GPO's; In-depth understanding of NIST SP 800-171 and PCI DSS v3.2 or other security compliance frameworks; Experience in developing organization security policies and implementation of revised policies; Experience with endpoint security solutions, including file integrity monitoring and data loss prevention. Personal Attributes and Competencies: Excellent analytical and problem-solving skills; Ability to work independently on multiple projects; Ability to explain network concepts to both fellow technical staff and clients; Effective in prioritizing tasks within a high-pressure competing environment; Highly self-motivated and directed, with keen attention to detail; Demonstrates excellent oral and written communication skills; Excels in customer-facing environments and enjoys challenges; Strong organizational skills. Minimum Technical Requirements Knowledge of Cyber Security Frameworks and Compliance; Proven experience of computer networking - Routing/Switching, LAN/WAN, network & hardware security, and Multi-Vendor Firewall Configuration; 4+ years of professional experience in system administration a must; 2+ years of professional experience with cybersecurity; Proven experience with IT Security industry best practices; Proven experience with System/Application vulnerabilities, threats, and exploitation; Proven experience with virus and malware analysis (dynamic and static) or forensic examination; Knowledge and understanding of Windows, Linux, and Mac; Systems administration experience a must, preferably in an MSP/MSSP environment. Benefits Full-time position; Competitive salary commensurate with experience (base + bonus); Medical & dental insurance; 401K plan with company match; Long term and short-term company disability plans; Company life insurance; Paid holidays; Paid time off & Sick Time; Remote work flexibility; Discretionary quarterly bonus program. No recruiters or agencies. No relocation. Preference to applicants located on East Coast of the US due to EST operations. Cover letter strongly encouraged.
#J-18808-Ljbffr
IT Security Engineer - T2 (certifications a plus) Introduction Technical Support International (TSI), founded in 1989 and based in Foxboro, MA, is a provider of IT and Cyber Security Services for small and medium sized businesses throughout New England. Our main purpose is to serve our clients’ technology and security needs while adding value to their business by allowing them to focus on their core competency. TSI’s expertise is providing managed network and security services, remote and onsite IT support, and project management to our clients. Our experienced, and highly trained engineers offer customers thought leadership in areas of IT – a requirement for organizations in today’s complex IT and Cyber Security environment. TSI is committed to providing its clients with the highest quality of support and considers each client a partnership. Position Summary The IT Security Engineer will be a key member of the security team for an MSP/MSSP and have a comprehensive skill set in network security operations, cyber security tools, intrusion detection and secured networks. This position will work closely with the leadership team and key clients to improve their security posture. This is a hands-on role that requires analyzing the environment, coordinating data gathering and generating solutions on a day-to-day basis as well as contributing to the long-range planning activities of the overall IT team. The IT Security Engineer will assist with projects and investigations related to threat management and security breaches for clients, write security assessments, and develop policies to address problems and security emergencies and make recommendations to clients. Primary Responsibilities Consult and participate in day-to-day security operational activities with clients; Confirm and document client vulnerability and security risks and develop mitigation plans; Monitor and validate client security controls; Respond to security alerts, incidents, and issues; Ensure security controls meet multiple compliance needs and best practices; Participate in conducting and writing client Security and Risk Assessments; Consistently review relevant Cyber Security Compliances to educate clients on revisions and changes in requirements; Assist in investigating security breaches by leading the incident response to minimize impact, determine the cause of the breach, and ascertain the extent of the damage; Light travel to client locations where necessary; Other duties as required. Knowledge & Skills Experience with network/cyber security engineering: design, implementation, optimization, monitoring, and troubleshooting of LAN, WAN, WLAN and DR networks; Demonstrated best practice usage of security technologies and policy administration: Firewalls, IDS/IPS, DLP, Proxy, Endpoint, Vulnerability scanning and management, SIEM/logging, security groups and network segmentation, system hardening, incident response and malware/virus prevention; Experience with network security technologies including Rapid Fire, SolarWinds, Sophos, BlueCoat, SonicWALL, Cisco, CrowdStrike, and Splunk; Documenting security controls, monitoring and alerting around these controls; Clear understanding of virtualization technologies such as VMWare and Hyper-V; Knowledge of multi-tier application architecture on infrastructure and cloud environments; Demonstrated skill securing sensitive data in production environments; Self-starter with strong work ethic willing to identify issues and lead them to conclusion; Ability to see the big picture and present ideas clearly with demonstrated thought leadership to clients; Capable of meeting with clients to discuss cyber security solutions and recommendations. Education and Technical Qualifications: Bachelor's degree in Information Technology or other engineering or technical discipline; At least 4 years IT experience and minimum 2 years Cyber Security Information experience; four-year relevant experience may be substituted with professional certification. Industry security certifications a plus, [Ex. Certified Information Systems Security Professional (CISSP), CISA Certified Information Systems Auditor (CISA), CEH Certified Ethical Hacker (CEH), CISM Certified Information Security Manager (CISM), ISSAP Information Systems Security Architecture Professional (ISSAP), ISSEP Information Systems Security Engineering Professional (ISSEP)]; Experience with Linux, Windows 7/10, Windows Server 2003/2008/2012/2016, Windows Domains, Active Directory, and GPO's; In-depth understanding of NIST SP 800-171 and PCI DSS v3.2 or other security compliance frameworks; Experience in developing organization security policies and implementation of revised policies; Experience with endpoint security solutions, including file integrity monitoring and data loss prevention. Personal Attributes and Competencies: Excellent analytical and problem-solving skills; Ability to work independently on multiple projects; Ability to explain network concepts to both fellow technical staff and clients; Effective in prioritizing tasks within a high-pressure competing environment; Highly self-motivated and directed, with keen attention to detail; Demonstrates excellent oral and written communication skills; Excels in customer-facing environments and enjoys challenges; Strong organizational skills. Minimum Technical Requirements Knowledge of Cyber Security Frameworks and Compliance; Proven experience of computer networking - Routing/Switching, LAN/WAN, network & hardware security, and Multi-Vendor Firewall Configuration; 4+ years of professional experience in system administration a must; 2+ years of professional experience with cybersecurity; Proven experience with IT Security industry best practices; Proven experience with System/Application vulnerabilities, threats, and exploitation; Proven experience with virus and malware analysis (dynamic and static) or forensic examination; Knowledge and understanding of Windows, Linux, and Mac; Systems administration experience a must, preferably in an MSP/MSSP environment. Benefits Full-time position; Competitive salary commensurate with experience (base + bonus); Medical & dental insurance; 401K plan with company match; Long term and short-term company disability plans; Company life insurance; Paid holidays; Paid time off & Sick Time; Remote work flexibility; Discretionary quarterly bonus program. No recruiters or agencies. No relocation. Preference to applicants located on East Coast of the US due to EST operations. Cover letter strongly encouraged.
#J-18808-Ljbffr