Vacancy expired!
Senior Information Protection Advisor - Security Engineer/Analyst

THIS IS A REMOTE ROLE

Summary

The Senior Information Protection Advisor will be responsible for the overall technical architecture and design of network security engineering and operations. In this capacity, the individual will perform discovery, business case development, and definition of client issues, and design, document and present corresponding technical solutions. Responsibilities also include evaluation of next-generation and complementary technologies for adoption, and the ongoing optimization of architecture and design for continuous improvement of security and cost reduction. As such, the ideal candidate should possess the knowledge and skills to design world-class solutions using leading-edge technologies.

Core Duties, Strategy and Competencies

This individual will be responsible for maintaining the technology that monitors and detects attacks against global infrastructure, including passive monitoring capabilities, internal/external threat detection, and device detection. The position requires a solid understanding of all IT topics and security expertise. Additionally, the candidate should be prepared to:
- Daily management of Security Policy (IPS, IDS, UTM)
- Signature tuning, and identification of false positives
- Troubleshooting, planning, managing and participating in the diagnosis (current state), detailed design (future state) and deployment of security processes and technologies across the network
- Partner with teams, assisting with installation, monitoring, maintenance, support and optimization of all security-related components
- Anticipate, recognize, and resolve technical (hardware, software, application or operational) problems via tcpdump or Wireshark
- Utilize SIEM (Security Information and Event Management) platforms for enterprise-wide monitoring
- Serve as the key technical interface to internal and external customers
- Ensure system security needs are established and maintained for operational effectiveness
- Work cross-organizationally to ensure integration with partner and dependent technologies
- Participate in a 24x7 on-call rotation with team members
- Advanced knowledge of information security principles, theories, and concepts
- System hardening concepts and techniques expertise, including but not limited to: IPS, IDS, Managed DDoS, Email Gateway, AMP, Anomaly-Based Intrusion Detection, Signature-based Intrusion Detection
- Advanced knowledge of security architecture concepts (ex: Defense in Depth, Zero Trust Security), centralized logging solutions, authentication systems, and data protection and privacy
- Advanced knowledge of the following technologies: Gigamon, Fortinet, Palo Alto, ThreatInsight, StealthWatch, QRadar, Check Point
- Network and secure remote access controls
- LDAP, Unix, Active Directory, Linux, Web Application Servers
- Virtualization technologies (VMware, VLANs, Hypervisors)
- In-depth understanding of security event analysis and intrusion detection (IDS/IPS)
- Incident response, triage, incident analysis and remediation
- Solid problem solving and analytical skills; able to quickly digest issues encountered and recommend an appropriate solution
- Experience in using scripting languages to automate tasks and manipulate data. Programming experience is a plus
- Advanced knowledge of the TCP/IP protocol and analysis tools (example: tcpdump)
- Advanced knowledge of VPN/Firewall and other security protocols
- Control owner audit deliverables (SOC2, PCI, HIPAA, etc.)
- Excellent communication skills (verbal and written)
- Security certifications (CISSP, SSCP, CASP+, Security+, CEH, GSEC)
- Expertise with security frameworks (NIST 800-53, CIS 20, NIST Cyber Security Framework, ISO 27001)
- Bachelor's degree in Computer Science, or a related discipline. 8+ years (12+ years ideal) of solid, diverse work experience in IT, or the equivalent in education and work experience