Close By continuing to use and navigate this website, you are agreeing to the use of cookies. Accept -Email similar jobs to me -Share this Job -Security Engineer Apply now -Date:Apr 20, 2018 Location:Westminster, MD, US, 21157 Year:2018 Company:Penguin Random House LLC Requisition ID:18775 -Security Engineer The IT department is looking for a Security Engineer to join the team. Major Functions: -Apply system security engineering principles to deliver real solutions premeditated to enhance the security position including requirements definitions, testing and test plans, implementation -Identify threats and develop suitable defense measures, evaluate system changes for security implications, and recommend enhancements, research, and draft cyber security best practices, and provide support to the cyber security operations staff for resolving difficult cyber security issues -Write Risk Management Framework (RMF)-based policies and procedures and develop comprehensive cyber security processes from project inception through to implementation, including Risk Assessments. -Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement as required -Configure and troubleshoot security infrastructure devices -Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks -Advise with configuration of Windows and Linux host-based security as well as network and cloud-based security systems -Support with the installation and configuration of security architectures, including web application firewalls -Participate in Security Incident response investigation requests and handle escalations for active incidents -Available to work off hours during the evenings and weekends as required, sometimes with little advanced notice. Required Skills: -Knowledge of cyber defense and vulnerability assessment tools, including open source tools, and their capabilities. -Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols -Knowledge of known vulnerabilities from alerts, advisories, errata, and bulletins. -Knowledge of Cisco (does not have to be Cisco certified) -Knowledge of cybersecurity principles and organizational requirements (relevant to confidentiality, integrity, availability, authentication, non-repudiation) -Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation tools and procedures utilizing standards-based concepts and capabilities. -Knowledge of new and emerging information technology (IT) and cybersecurity technologies. -Knowledge of systems diagnostic tools and fault identification techniques. -Knowledge of Personally Identifiable Information (PII) data security standards. -Knowledge of applicable laws (e.g., Electronic Communications Privacy Act, Foreign Intelligence Surveillance Act, Protect America Act, search and seizure laws, civil liberties and privacy laws), statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures relevant to work performed. -Knowledge of network security architecture concepts including topology, protocols, components, and principles (e.g., application of defense-in-depth). -Knowledge of computer networking concepts and protocols, and network security methodologies. -Knowledge of risk management processes (e.g., methods for assessing and mitigating risk). -Knowledge of cybersecurity principles. -Knowledge of cyber threats and vulnerabilities. -Knowledge of specific operational impacts of cybersecurity lapses. -Knowledge of the Security Assessment and Authorization process. -Knowledge of cybersecurity principles used to manage risks related to the use, processing, storage, and transmission of information or data. -Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). -Knowledge of penetration testing principles, tools, and techniques. -Knowledge of system and application security threats and vulnerabilities. -Knowledge of confidentiality, integrity, and availability principles. -Skill in discerning the protection needs (i.e., security controls) of information systems and networks. -Skill in determining how a security system should work (including its resilience and dependability capabilities) and how changes in conditions, operations, or the environment will affect these outcomes. -Skill in identifying measures or indicators of system performance and the actions needed to improve or correct performance, relative to the goals of the system. -Skill in evaluating the trustworthiness of the supplier and/or product. -Knowledge of an organization's information classification program and procedures for information compromise. -Skill in conducting vulnerability scans and recognizing vulnerabilities in security systems. -Skill in applying confidentiality, integrity, and availability principles. Education and Experience requirements: -Bachelors Degree or equivalent work experience -Requires a minimum of 3 years of experience in positions with a focus on technology, infrastructure, engineering, architecture and security -Experience in enterprise security engineering, design and implementation. Penguin Random House is the leading adult and childrens publishing house in North America, the United Kingdom and many other regions around the world. In publishing the best books in every genre and subject for all ages, we are committed to quality, excellence in execution, and innovation throughout the entire publishing process: editorial, design, marketing, publicity, sales, production, and distribution. Our vibrant and diverse international community of nearly 250 publishing brands and imprints include Ballantine Bantam Dell, Berkley, Clarkson Potter, Crown, DK, Doubleday, Dutton, Grosset & Dunlap, Little Golden Books, Knopf, Modern Library, Pantheon, Penguin Books, Penguin Press, Penguin Random House Audio, Penguin Young Readers, Portfolio, Puffin, Putnam, Random House, Random House Childrens Books, Riverhead, Ten Speed Press, Viking, and Vintage, among others. More information can be found at -. Penguin Random House values the array of talents and perspectives that a diverse workforce brings. All qualified applicants will receive consideration for employment without regard to race, national origin, religion, age, color, sex, sexual orientation, gender identity, disability, or protected veteran status.