Senior Security Engineer - Burlington, MA - Georgia IT Inc.
Burlington, MA
About the Job
Job Title : Senior Security Engineer
Location : Burlington, MA
Client Domain : Communications
Rate : $/hr on W2 or 1099
Position Type : 5 Months Contract
Start Date : Immediate.
Must be US CITIZEN, Green Card and GC EAD
Job Description
Description:
Our client is seeking a Senior professional Security Engineer who will be responsible for actively supporting the availability, integrity, and confidentiality of information assets in compliance with company security policies, standards, and best practices. The Security Engineer will participate in a broad range of technical security engineering, security operations and analysis tasks in support of a comprehensive security program to support the Security and Risk Management framework. This Engineer will join a Security Operations/Engineering (SOE) and Security Operations Center (SOC) organization committed to exceeding the expectations of customers, taking care of the team, adding company value, and self-growth to drive the customer engagement process throughout the organization. With the increasing regulatory needs and a rash of highly-publicized cyber security events in the news, our clients demand our SOC to manage leading Voice Recognition Software products across all divisions. This role would serve as the foundation to the SOE/SOC team by facilitating all inbound/outbound security alerts. We're seeking someone with the passion to get things done, the experience to help us do things more effectively, and the professionalism to represent us with our clients.
Responsibilities:
1. Security Engineer is responsible for the collection, analysis, and dissemination of cyber threat intelligence. These capabilities will include timely collection of advance warning of impending IT vulnerabilities or threats, a thorough correlation, analysis, and storage of threat intelligence information, and operational support of the incident response process. They will define, deliver and sustain the enterprise management strategy and solutions from a governance, process, discipline and technology standpoint, to support the global and enterprise environments covering threat/vulnerability management.
2. Responsible for evaluating, testing, recommending, developing, coordinating, monitoring and maintaining information security for operating systems, user authentication, and applications; driving strategic security architecture. Support the Cyber Incident Response Team (CIRT) in the effective detection, analysis, and containment of attacks.
3. Operate the processes necessary to collect threat intelligence, analyze the data for patterns and actionable information, and create intelligence products for other teams to consume. Identify security risks and exposures, determine the causes of security violations and suggest procedures to halt future incidents.
4. Identify appropriate platform and application logging and triggers at design phase to support advanced fraud and cyber detection use cases. Integrate appropriate systems and logs into the global threat management platform or Security Incident and Event Management system to properly protect critical assets. Design, test and develop specific content and alerting to identify threats against critical assets. Document incident response procedures for new threat content and alerts.
5. Maintain an understanding of attacks, vectors and emergent threats. Provide tier II support for escalated security incidents. Obtain and share cyber security intelligence with security partners, vendors and law enforcement as necessary. Mentor and educate teams with expert knowledge of information security event management, security forensics, network access controls and perimeter security, operations, implementations of new technologies.
6. Perform Security Engineering Research and Development; apply systems and network analysis techniques and procedures, including consulting with users to determine hardware, software, and security system functional specifications related to the ongoing security measures and defense in depth security strategy.
7. Review/troubleshoot miscellaneous issues users may encounter with systems applications.
8. Review and implement policies and procedures regarding security access as problems are identified, received, documented, distributed and corrected.
9. Participate in the review and/or evaluation of security access information system products and/or services to determine the most effective aid to end users.
10. Provide problem escalation as necessary.
11. Demonstrated experience in communicating effectively in written and spoken form to broad internal and external entities including non-technical executives, corporate officers, business colleagues, product and service vendors and internal/external peers. Strong ability to influence and persuade others through collaboration.
12. Aptitude to quickly learn in a dynamic, fast-paced business environment. This includes new hardware, software, business processes, acquisitions, etc.
13. Perform regular additional security related tasks as assigned.
Supportive Job Functions:
1. Monitor advancements in information security technologies to support security hardware, software, and system functional specifications.
2. Monitor changes in legislation and accreditation standards that affect information security.
3. Initiate, facilitate, and promote activities to foster information security awareness within the organization.
4. Perform other duties as assigned to support senior security engineering personnel.
Knowledge, Skill, and Abilities:
1. Basic understanding of security on networks, Windows systems, open systems, applications, and web and public facing systems.
2. Basic understanding of networking concepts.
3. Ability to multi-task under strict deadlines.
4. Professional and interpersonal skills.
5. Ability to work effectively and contribute within a team environment.
Required Education, Experience, and Certification:
1. Minimum of 3 to 5 years security or related experience required.
2. CISSP or equivalent security certification is preferred.
3. Experience with security related technical tools (Palo Alto, Tripwire, Splunk, ELK) and processes is required.
Scope of Job:
1. No direct reports
2. No supervisory responsibility, general supervision received.
3. Ability to participate in a 7/24 on call schedule.
4. Indoor working conditions with minimal travel and a consistent work week.
5. Errors may cause large expenditures.
6. Regular contact inside the company.
7. This role will have access to the highest levels of company confidential data
Source : Georgia IT Inc.