Information Security Engineer
Job Description
Professional Search Group is currently working with a tech company that is seeking a CONTRACT REMOTE INFORMATION SECURITY ENGINEER. This is a 6 MONTH CONTRACT with the possibility of either extending or converting to FTE.
**CANDIDATES MUST BE US CITIZENS OR GREEN CARD HOLDERS.**
POSITION TITLE: Information Security Engineer
DEPARTMENT NAME: Security and Network Engineering
POSITION JOB DUTY: To improve application, system, and network security visibility and validation, responding to events as necessary within required timeframes.
POSITION SUMMARY: This is an operational role that requires hands-on experience. Information Security Engineers may be called on to engage in a team effort together with other E&IT departments and non-IT business units. The duties require the consistent exercise of judgment and discretion, ability to work with limited supervision regarding technical issues and the ability to collaborate in technical efforts of a team to meet security project goals.
REQUIRED KNOWLEDGE, SKILLS, AND ABILITIES (KSAS):
● Working on problems involving enterprise security risks with minimal supervision.
● Perform as a Subject Matter Expert in the realm of Information Security with cross functional teams in the organization.
● Document and assist in providing security advisories for staff.
● Co-authoring information security policies and defining procedures to implement industry best practices.
● Participating in projects to identify security issues proactively through analysis of network traffic, software and hardware testing, log review and consultation with users.
● Conduct or collaborate on forensic examinations of digital records, logs and other data.
● Working with various corporate security systems
● Work with IT End User Support staff in analyzing security related events to assist with escalation decisions.
● Participate in or coordinate security monitoring and incident response for systems.
● Coordinate with vendors and external security teams to address security issues for external IT services and systems.
● Evaluate the impact to the organization of current security advisories, publications, and trends.
● Apply automation to simplify routine tasks.
● Perform security reviews and provide insights throughout all phases of software development.
● Proficiency in developing clear, concise and easy to follow documentation for security operations related procedures.
● SCRIPTING/PROGRAMMING SKILLS SUCH AS SHELL SCRIPTING, PYTHON, PERL.
● SYSTEMS OPERATION AND ADMINISTRATION EXPERIENCE WITH LINUX, WINDOWS SERVER, VMWARE AND/OR CONTAINER
● EXPERIENCE WITH SPLUNK. (SIEM ARCHITECTURE EXPERIENCE IS HIGHLY DESIRABLE.)
● EXPERIENCE WITH NEXPOSE (RAPID7) IS HIGHLY DESIRABLE.
● Incident Response
o Respond to security events on a 24/7 basis if necessary
o Collect, analyze and archive electronic and written records, digital media, notes and other evidence
o Identify ways we can learn from security events and avoid repeat events
● SUBJECT MATTER EXPERTISE IN AT LEAST 2 OF THE FOLLOWING AREAS, WITH THE CAPABILITY TO ACQUIRE EXPERTISE IN ALL:
▪ Authentication and Authorization
▪ User Behaviour Analytics
▪ OS Security Hardening (Windows, Linux, MacOS, iOS)
▪ Knowledge (or the capacity to quickly gain knowledge) of encryption theory and practice (e.g. TLS, HMAC, RSA, AES, PKI)
▪ Log Management (SIEM)
▪ IDS/IPS
▪ Packet Capture Dissection
▪ Attack Techniques
▪ Secure Coding Practices
▪ Common Vulnerabilities and Mitigation
▪ Manual Attack / Defense Techniques
▪ Automated Scanning
▪ Passive Network Detection
▪ DREAD
▪ STRIDE
▪ NIST CSF
▪ Anonymization methods
▪ Tokenization methods
▪ Masking methods
● Other duties as assigned or requested
● Able to travel internationally if requested