Datamasters
Senior IT Security Engineer
Datamasters, Greensboro, North Carolina, us, 27497
Direct-hire role with Greensboro, NC client. Must be local to the Triad area - position will be onsite for first 30-90 days, then will be 3 days in office/2 days remote.

As an IT Security Engineer, you will be responsible for testing, designing, and implementing security controls and solutions, driven by policies and standards, to reduce the risk for the company. You will provide management, maintenance, and support of information security solutions designed to protect the confidentiality, integrity, and availability of the IT systems and data. This role is responsible for the design, implementation, and support of a secure information technology environment. The IT Security Engineer is expected to research and evaluate products to enhance the overall security posture of both internal and externally facing services. This position will serve as a subject matter expert for all infrastructure and application security protocols.

Responsibilities:
- Perform Penetration Testing, Incident Response, Secure Network Evaluation, Documentation, Network Monitoring, and Threat & Risk Investigation.
- Incident response activities include identification, response, investigation, and remediation of potential breaches and other issues surrounding data security.
- Proactively identify security problems, monitor performance trends, perform upgrades, and make recommendations regarding security hardware, software, processes, and procedures as required.
- Evaluate technical controls and processes for compliance with regulations and standards including HIPAA, PCI, NIST, GDPR, ISO 27001 and other relevant requirements.
- Configure, implement, monitor, and support security software/systems including SIEM, Firewalls, IDS/IPS, Forward and Reverse Proxies, Web Application Firewalls, Two Factor Authentication, IAS, Internal/External Certificate Authority, Network Access Control, Encryption, Office365, and VPNs.
- Manage Endpoint Security solutions for all devices.
- Assist with managing and maintaining a VMware vSphere 6 environment supporting Windows 2012R2, 2016 and various Linux-based operating systems.
- Serve as an escalation point for network systems operational issues.
- Manage security integration projects for custom, key applications and systems.
- Collaborate very closely with the other IT teams as well as Business Partners.
- Play an advisory role in application and/or web development projects to assess security requirements and controls and to ensure that security controls are implemented as planned.
- Develop security processes and procedures and support service-level agreements (SLAs) to ensure that security controls are managed and maintained.
- Promote user security awareness.
- Conduct security research to keep abreast of the latest security issues, technologies, and trends.
- Perform security management functions by taking actions to mitigate risks, recommending security strategies, and ensuring controls are implemented and functional.
- Ensure all systems are properly hardened using security solutions and the principle of least privilege.
- Ensure all systems are properly patched in a timely and consistent manner.
- Engineer, implement, and monitor long-term retention of security-relevant data collection and storage.
- Monitor security analytics and investigate anomalies.
- Configure and troubleshoot security infrastructure software and devices.
- Design, implement, and maintain controls around sensitive data (PCI, SOX, NIST, etc.).
- 24x7 on-call availability to handle and resolve all systems/service issues affecting production or revenue, in the event of an emergency, or for planned project/maintenance activity outside of business hours.
- Record, track, escalate, and update calls, and close tickets through problem management software.
- Design and create structured documentation that deals with complex information and manage the configuration of documentation items and files, within own area of responsibility.
- Resolve problems using electronic tools, manuals, and technical support documentation.
- Communicate effectively, acting as a key liaison with customers, team members and colleagues across the company. Effectively communicate technical information to non-technical audiences.
- Take responsibility for own workload and keep others informed, highlighting potential problems, and suggesting solutions to ensure continuity of service delivery.
- Promote and assist in the implementation of strategies, policies and procedures that seek to guide and shape the IT Support Service delivered by the company.
- Some occasional traveling may be required.

Required:
- Bachelor’s degree or equivalent qualification and experience in a related field.
- Certifications in one or more of the following: Certified Information Systems Security Professional (CISSP), GIAC Certified Incident Handler (GCIH), GIAC Reverse Engineering Malware (GREM), GIAC Certified Forensic Analyst (GCFA), GIAC Network Forensics Analyst (GNFA), Offensive Security (OSCP/OSCE/etc.), or other relevant certifications.
- Hands-on experience with information security tools such as an enterprise SIEM solution, IDS/IPS, endpoint security solutions, email/web security gateways, and other security detection/mitigation devices.
- Experience with host and/or network log analysis as applied to incident response / threat hunting.
- Knowledge of offensive security, with the ability to think like an adversary when hunting and responding to incidents.
- Strong experience in operating system and application security hardening and best practices.
- Strong ability to identify anomalous behavior on endpoint devices and/or network communications.
- Experience with multiple operating systems to include Windows, Mac OS, and Unix/Linux.
- A solid understanding of endpoint/network defenses and security incident response.
- A deep understanding of the various technologies, services, and specifications that comprise an enterprise network.

Preferred Qualifications:
- A well-rounded background in incident response, threat detection, phishing, and cybercrime.
- Experience in conducting research and identifying methods to detect emerging cyber threats, attack methods, and evolving Tactics, Techniques, and Procedures (TTPs) with an emphasis on phishing and/or cybercrime.
- Experience with data analytic techniques, including machine learning, statistics, and data mining to solve core business challenges.
- Working knowledge of a broad range of security technologies, including NextGen Firewalls, DLP, NAC, IDS/IPS, IdAM, Certificate Management, SIEM, Endpoint Protection, Anti-malware, vulnerability management.
- Prior work experience implementing security standards and procedures.