San Antonio Water System
Senior Network Security Engineer
San Antonio Water System, San Antonio, Texas, United States, 78208
JOB SUMMARY
Works for and under the general direction of the Director, Network Security Services. Responsibilities include design and review of security controls, monitoring of internal/external access controls and security safeguards to protect the confidentiality, integrity and availability of information systems assets. This role will be the subject matter expert in the domain of information security as it relates to servers/workstations, networks, web applications, IT processes and regulatory compliance. Evaluates, selects, implements, and monitors administration of information system security tools across enterprise. Assist in developing and implementing policy and control frameworks, and promoting security awareness and compliance throughout the organization. Leads a staff of two or more security engineers.ESSENTIAL FUNCTIONS
Researches, designs and advocates new technologies, architectures, and security products that will support business security requirements for the enterprise.Conducts threat and vulnerability risk assessments to determine security requirements and proactively fix security flaws and vulnerabilities.Plays a lead role in the identification, analysis, evaluation, deployment and optimization of security technologies.Maintains oversight of the design, implementation and testing of IT systems to ensure appropriate and effective security controls are built from the start.Works closely with other groups, including System Administrators, Network Engineering, Applications, SCADA/I&C and other information system staff to ensure adequate security solutions are in place for all IT systems and platforms to sufficiently mitigate identified risks and meet business objectives.Leads projects and initiatives to design and verify implementation of various information security controls.Governs security design and architecture during project delivery by enforcing the use of established standards and evolving solutions and patterns.Supports information security leadership team in strategic planning and development.Provides security design, consultancy, and assessment services; and introduces improvements in technical security standards and security implementation patterns and designs.Conducts analysis of security requirements and controls to identify gaps and provides recommendations of industry best practices, trends, and technology products.Detects, investigates and manages recovery efforts from security incidents, and assists with incident response plans.Increases company-wide security awareness and monitors information security related web sites and newsletters to stay up to date on current attacks and trends.Analyzes potential impact of new threats and exploits and communicates risks to relevant business units.Designs technical solutions and coordinates with the staff to ensure timely and accurate implementation.Performs other duties as assigned.DECISION MAKING
This position works under limited supervision.This position serves as a technical lead, providing guidance and mentorship to network security engineers.MINIMUM REQUIREMENTS FOR ALL SPECIALTIES
Bachelor's Degree in Information Technology, Computer Science or related field of study required.Six years of relevant IT work experience, to include five years in information security field, preferably in an environment certified and compliant with a globally recognized Security Framework / Information Security Management System (NIST SP 800-53, ISO27001, HIPAA, SOX, PCI).At least one professional information security certification required (CCNP-Security, CISSP, CISM, CRISC, and/or SANS GIAC).Valid Class "C" Texas Driver's License.PREFERRED QUALIFICATIONS
Master's Degree in Cybersecurity and Information Assurance.CISSP, CISM, & CCNP Certifications.Knowledge of SCADA/ICS security controls and best practices.Knowledge of Linux/Unix and other open source software to include BIND and Nessus.Programming skills in one or more languages (Python, Ruby, Bash, PHP, Perl, Java).Experience with Cisco and Palo Alto enterprise grade products to include: Nexus 7000, 4500, ISR G2, Firewalls, Sourcefire, Web Proxy, TACACS+, DMVPN, ISE, etc.JOB DIMENSIONS
Knowledge of network security, security-related systems and applications as well as security protocols and related tools, including tcpdump, Wireshark, Splunk, AccelOps, and Nessus Security Center.Knowledge of Metaspoit, Nessus, digital Forensics tools.Demonstrated ability to identify security requirements and validate implementation of applicable controls into a robust architecture that sufficiently repels most malicious attacks.Regular contact with internal and external customers and contractor representatives involved with LAN/WAN design, network implementation, and network management.PHYSICAL DEMANDS AND WORKING CONDITIONS
Working conditions are primarily inside an office environment with travel to various locations on an occasional basis. Physical requirements include occasional lifting/carrying of 70 pounds; visual acuity, speech and hearing; hand and eye coordination and manual dexterity necessary to operate a computer keyboard and basic office equipment. Subject to sitting, standing, reaching, walking, twisting, and kneeling to perform the essential functions.May be required to work hours other than regular schedule such as nights, weekends and holidays.
#J-18808-Ljbffr
Works for and under the general direction of the Director, Network Security Services. Responsibilities include design and review of security controls, monitoring of internal/external access controls and security safeguards to protect the confidentiality, integrity and availability of information systems assets. This role will be the subject matter expert in the domain of information security as it relates to servers/workstations, networks, web applications, IT processes and regulatory compliance. Evaluates, selects, implements, and monitors administration of information system security tools across enterprise. Assist in developing and implementing policy and control frameworks, and promoting security awareness and compliance throughout the organization. Leads a staff of two or more security engineers.ESSENTIAL FUNCTIONS
Researches, designs and advocates new technologies, architectures, and security products that will support business security requirements for the enterprise.Conducts threat and vulnerability risk assessments to determine security requirements and proactively fix security flaws and vulnerabilities.Plays a lead role in the identification, analysis, evaluation, deployment and optimization of security technologies.Maintains oversight of the design, implementation and testing of IT systems to ensure appropriate and effective security controls are built from the start.Works closely with other groups, including System Administrators, Network Engineering, Applications, SCADA/I&C and other information system staff to ensure adequate security solutions are in place for all IT systems and platforms to sufficiently mitigate identified risks and meet business objectives.Leads projects and initiatives to design and verify implementation of various information security controls.Governs security design and architecture during project delivery by enforcing the use of established standards and evolving solutions and patterns.Supports information security leadership team in strategic planning and development.Provides security design, consultancy, and assessment services; and introduces improvements in technical security standards and security implementation patterns and designs.Conducts analysis of security requirements and controls to identify gaps and provides recommendations of industry best practices, trends, and technology products.Detects, investigates and manages recovery efforts from security incidents, and assists with incident response plans.Increases company-wide security awareness and monitors information security related web sites and newsletters to stay up to date on current attacks and trends.Analyzes potential impact of new threats and exploits and communicates risks to relevant business units.Designs technical solutions and coordinates with the staff to ensure timely and accurate implementation.Performs other duties as assigned.DECISION MAKING
This position works under limited supervision.This position serves as a technical lead, providing guidance and mentorship to network security engineers.MINIMUM REQUIREMENTS FOR ALL SPECIALTIES
Bachelor's Degree in Information Technology, Computer Science or related field of study required.Six years of relevant IT work experience, to include five years in information security field, preferably in an environment certified and compliant with a globally recognized Security Framework / Information Security Management System (NIST SP 800-53, ISO27001, HIPAA, SOX, PCI).At least one professional information security certification required (CCNP-Security, CISSP, CISM, CRISC, and/or SANS GIAC).Valid Class "C" Texas Driver's License.PREFERRED QUALIFICATIONS
Master's Degree in Cybersecurity and Information Assurance.CISSP, CISM, & CCNP Certifications.Knowledge of SCADA/ICS security controls and best practices.Knowledge of Linux/Unix and other open source software to include BIND and Nessus.Programming skills in one or more languages (Python, Ruby, Bash, PHP, Perl, Java).Experience with Cisco and Palo Alto enterprise grade products to include: Nexus 7000, 4500, ISR G2, Firewalls, Sourcefire, Web Proxy, TACACS+, DMVPN, ISE, etc.JOB DIMENSIONS
Knowledge of network security, security-related systems and applications as well as security protocols and related tools, including tcpdump, Wireshark, Splunk, AccelOps, and Nessus Security Center.Knowledge of Metaspoit, Nessus, digital Forensics tools.Demonstrated ability to identify security requirements and validate implementation of applicable controls into a robust architecture that sufficiently repels most malicious attacks.Regular contact with internal and external customers and contractor representatives involved with LAN/WAN design, network implementation, and network management.PHYSICAL DEMANDS AND WORKING CONDITIONS
Working conditions are primarily inside an office environment with travel to various locations on an occasional basis. Physical requirements include occasional lifting/carrying of 70 pounds; visual acuity, speech and hearing; hand and eye coordination and manual dexterity necessary to operate a computer keyboard and basic office equipment. Subject to sitting, standing, reaching, walking, twisting, and kneeling to perform the essential functions.May be required to work hours other than regular schedule such as nights, weekends and holidays.
#J-18808-Ljbffr