Security Engineer - SSP
Boston, MA
About the Job
. They are looking for a comprehensive skill set in network security operations, cyber security tools, intrusion detection, and secured networks. This hands-on role requires assisting in analyzing the environment, coordinating data gathering and helping to generate solutions on a day-to-day basis. Additionally, this role will contribute to the long-range planning activities of the overall IT team, and may oversee projects and investigations related to threat management and security breaches.
Role:
The Senior Cyber Security Engineer will be responsible for day-to-day management of a network security architecture that supports the needs and goals. He/she will help plan, implement and support security solutions at multiple locations around the state. After hours availability is required to respond to emergencies and to perform system maintenance that cannot be completed during normal business hours. Under the supervision of the Security Manager, working individually or as part of a project team, the Senior Cyber Security Engineer will continuously assess security and related risks to the enterprise office locations, assets, and employees and make recommendations for mitigation strategies that will decrease risk. They will assist in maintaining the confidentiality, integrity, and availability of computer workstations, servers, and local area networks.
Experience:
The desired candidate will have significant operational cyber security experience with a background in incident response; project development and management related to planning, implementation and maintenance of security systems and processes; experience with threat modeling; implementation of security controls to protect infrastructure and data; a working knowledge of security domains and security frameworks; experience with SIEM tools; experience with vulnerability identification, assessment, and management; knowledge of network and traffic analysis; and knowledge of penetration testing techniques. Personal Attributes: Important skills related to this position include attention to detail, the ability to task switch, excellent written and verbal communication, the ability to work both independently and collaboratively to complete assigned tasks, and the ability to deliver results in high pressure circumstances.
Primary Responsibilities:
The Senior Cyber Security Engineer will be responsible for all operational aspects of network security engineering: design, implementation, optimization, monitoring, mitigation and troubleshooting of our LAN, WAN, WLAN and DR networks. Participate in and often lead investigations pertaining to threat assessment and mitigation for both internal and external threats. o Incident response, remediation and recovery. o Conduct investigations of anomalies found during audit trailanalysis. o Participate in security related investigations as needed to ensure that policy defined tasks are completed. Provide technical support for numerous standalone and network systems to includepenetration testing, vulnerability scanning, virus updates, patches, service packs, and hot fixes, policies related to onboarding/offboarding of staff, media controls, and ensuring all security related documentation is notated asrequired. Monitor networks and systemsfor security issuesthrough the use of varioussecurity tools. Perform vulnerability scans, analyze results and assist with the remediation as necessary. Conduct regular audits to ensure authorized systems are being operated securely and are in compliance with security policies and procedures. Monitor access to all information systems and report on compliance with established policies and procedures, relative to the level of potential risk and recommend appropriate corrections. With the Security Manager, leverage security best practices to assess, design, test, approve, implement, and support new and existing multi-tier solutions in multiple sites and data centers. Create accurate network diagrams and documentation for planning securitybasedchanges, investigating network impact, and issuing resolutionprocedures.
Technical Qualifications:
Education and Experience Bachelor s degree or higher in Information Technology or other engineering or technical discipline and at least 6 years IT experience with a minimum of 4 years Cyber Security Information experience. Four year relevant experience may be substituted with professional certification: Certified Information Systems Security Professional (CISSP) CISA Certified Information Systems Auditor (CISA) CEH Certified Ethical Hacker (CEH) CISM Certified Information Security Manager (CISM) ISSAP Information Systems Security Architecture Professional (ISSAP) ISSEP Information Systems Security Engineering Professional (ISSEP) Certification in Spunk and Enterprise Security Administration Strong ability with security policy administration, ACLs, IPS/IDS, port scanning and pentesting tools. Experience in threat management and assessment as it relates to incident response. Experience with corporate security risk assessment, analysis and mitigating controls. Experience with endpoint security solutions, including file integrity monitoring, white listing, and data loss prevention. Experience with Windows OS Windows Server, Windows Domains, Active Directory, and Secretary of the Commonwealth Senior Cyber Security Engineer GPO's. In depth understanding of NIST SP 800-61, CIS Controls. Familiarity with routers, switches, firewalls, load balancers, proxies, accelerators, and wireless technologies. Personal Attributes: Excellent analytical and problem solving skills. Uses problem solving techniques such as root cause analysis to resolve issues. Highly self-motivated and self-directed, with keen attention to detail. Demonstrates excellent oral and written communication skills. Ability to work independently and on multiple projects simultaneously. Collaborates and assumes a technical leadership role when required. Comfortable with presenting policies, mentoring colleagues on security best practices. Ability to explain network and security concepts to both fellow technical staff in detail, and to non- technical staff at an appropriate level. Is effective in prioritizing tasks within a high-pressure competing environment. Strong organizational skills. Demonstrates an interest in working hard in a fast-paced environment, enjoys challenges, and has fun while doing it
The Company is an equal opportunity employer and makes employment decisions on the basis of merit and business needs. The Company will consider all qualified applicants for employment without regard to race, color, religious creed, citizenship, national origin, ancestry, age, sex, sexual orientation, genetic information, physical or mental disability, veteran or marital status, or any other class protected by law. To comply with applicable laws ensuring equal employment opportunities to qualified individuals with a disability, the Company will make reasonable accommodations for the known physical or mental limitations of an otherwise qualified individual with a disability who is an applicant or an employee unless undue hardship to the Company would result.
Role:
The Senior Cyber Security Engineer will be responsible for day-to-day management of a network security architecture that supports the needs and goals. He/she will help plan, implement and support security solutions at multiple locations around the state. After hours availability is required to respond to emergencies and to perform system maintenance that cannot be completed during normal business hours. Under the supervision of the Security Manager, working individually or as part of a project team, the Senior Cyber Security Engineer will continuously assess security and related risks to the enterprise office locations, assets, and employees and make recommendations for mitigation strategies that will decrease risk. They will assist in maintaining the confidentiality, integrity, and availability of computer workstations, servers, and local area networks.
Experience:
The desired candidate will have significant operational cyber security experience with a background in incident response; project development and management related to planning, implementation and maintenance of security systems and processes; experience with threat modeling; implementation of security controls to protect infrastructure and data; a working knowledge of security domains and security frameworks; experience with SIEM tools; experience with vulnerability identification, assessment, and management; knowledge of network and traffic analysis; and knowledge of penetration testing techniques. Personal Attributes: Important skills related to this position include attention to detail, the ability to task switch, excellent written and verbal communication, the ability to work both independently and collaboratively to complete assigned tasks, and the ability to deliver results in high pressure circumstances.
Primary Responsibilities:
The Senior Cyber Security Engineer will be responsible for all operational aspects of network security engineering: design, implementation, optimization, monitoring, mitigation and troubleshooting of our LAN, WAN, WLAN and DR networks. Participate in and often lead investigations pertaining to threat assessment and mitigation for both internal and external threats. o Incident response, remediation and recovery. o Conduct investigations of anomalies found during audit trailanalysis. o Participate in security related investigations as needed to ensure that policy defined tasks are completed. Provide technical support for numerous standalone and network systems to includepenetration testing, vulnerability scanning, virus updates, patches, service packs, and hot fixes, policies related to onboarding/offboarding of staff, media controls, and ensuring all security related documentation is notated asrequired. Monitor networks and systemsfor security issuesthrough the use of varioussecurity tools. Perform vulnerability scans, analyze results and assist with the remediation as necessary. Conduct regular audits to ensure authorized systems are being operated securely and are in compliance with security policies and procedures. Monitor access to all information systems and report on compliance with established policies and procedures, relative to the level of potential risk and recommend appropriate corrections. With the Security Manager, leverage security best practices to assess, design, test, approve, implement, and support new and existing multi-tier solutions in multiple sites and data centers. Create accurate network diagrams and documentation for planning securitybasedchanges, investigating network impact, and issuing resolutionprocedures.
Technical Qualifications:
Education and Experience Bachelor s degree or higher in Information Technology or other engineering or technical discipline and at least 6 years IT experience with a minimum of 4 years Cyber Security Information experience. Four year relevant experience may be substituted with professional certification: Certified Information Systems Security Professional (CISSP) CISA Certified Information Systems Auditor (CISA) CEH Certified Ethical Hacker (CEH) CISM Certified Information Security Manager (CISM) ISSAP Information Systems Security Architecture Professional (ISSAP) ISSEP Information Systems Security Engineering Professional (ISSEP) Certification in Spunk and Enterprise Security Administration Strong ability with security policy administration, ACLs, IPS/IDS, port scanning and pentesting tools. Experience in threat management and assessment as it relates to incident response. Experience with corporate security risk assessment, analysis and mitigating controls. Experience with endpoint security solutions, including file integrity monitoring, white listing, and data loss prevention. Experience with Windows OS Windows Server, Windows Domains, Active Directory, and Secretary of the Commonwealth Senior Cyber Security Engineer GPO's. In depth understanding of NIST SP 800-61, CIS Controls. Familiarity with routers, switches, firewalls, load balancers, proxies, accelerators, and wireless technologies. Personal Attributes: Excellent analytical and problem solving skills. Uses problem solving techniques such as root cause analysis to resolve issues. Highly self-motivated and self-directed, with keen attention to detail. Demonstrates excellent oral and written communication skills. Ability to work independently and on multiple projects simultaneously. Collaborates and assumes a technical leadership role when required. Comfortable with presenting policies, mentoring colleagues on security best practices. Ability to explain network and security concepts to both fellow technical staff in detail, and to non- technical staff at an appropriate level. Is effective in prioritizing tasks within a high-pressure competing environment. Strong organizational skills. Demonstrates an interest in working hard in a fast-paced environment, enjoys challenges, and has fun while doing it
The Company is an equal opportunity employer and makes employment decisions on the basis of merit and business needs. The Company will consider all qualified applicants for employment without regard to race, color, religious creed, citizenship, national origin, ancestry, age, sex, sexual orientation, genetic information, physical or mental disability, veteran or marital status, or any other class protected by law. To comply with applicable laws ensuring equal employment opportunities to qualified individuals with a disability, the Company will make reasonable accommodations for the known physical or mental limitations of an otherwise qualified individual with a disability who is an applicant or an employee unless undue hardship to the Company would result.
Source : SSP