We are looking for a capable senior security engineer, who enjoys very detailed security work and possesses both deep and wide expertise in the security space.
Your responsibility will be to better the security posture of the organization by protecting system boundaries, keeping computer systems and network devices hardened against attacks and securing highly sensitive data. Qualified candidates will have a background in security, networking and systems engineering.
Essential Duties and Responsibilities
Engineer, implement, manage and monitor security solutions, for the protection of computer systems, networks and data
o Maintain SIEM.
o Perform Vulnerability Scanning.
o Configure WAF rules.
o PII scanning and prevention.
o Maintain NIDS and HIDS
o Configure FIM rules.
o Assist with Firewall Policies.
o Assisting with web application security scans.
o Provide information and evidence to assist with PCI Audits .
o Coordinating Pen Test results with correct teams.
Identify and define system security requirements
Develop detailed cyber security designs
Prepare and document standard operating procedures and protocols and processes
Configure and troubleshoot security infrastructure devices
Provide lead security engineering responses for security incidents
Provide expert advice and consultancy on remediation of security findings
Provide training & technical leadership to other resources
Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancement
Periodically review firewall policies to ensure an up to date and secure rule set
Participate in an ongoing 24/7 on-call rotation
Required Skills/Experience
BS degree in Computer Science or related field, or equivalent experience
7 Years of experience in IT, 5 years’ experience in Information Security Engineering
Proven work experience as a system security engineer or information security engineer
Experience working in complex infrastructure environments. Established understanding of the relationships between networked systems, applications & APIs, and users.
Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols
Experience in building and maintaining security systems
Hands on experience with CENTOS, other Linux flavors
Hands on experience in the following:
o Firewalls
o Intrusion Detection/Prevention systems (IDS/IPS)
o File-Integrity Monitoring (FIM)
o Anti-Virus software
o Security Information and Event Management (SIEMs)
o Web Application Firewalls (WAFs)
o Authentication Systems
o Data Loss Prevention (DLP)
o Log Management
o Content Filtering
o Vulnerability Management
o Cloud Security
o Identity and Access Management (SSO)
o Multi Factor Authentication
Deep level knowledge of networking protocols, TCP/IP
Linux command line experience
Ability to script in python and pearl,
System hardening practices
Incident response experience
Web application security knowledge
PCI-DSS audit experience
Experience with network security and networking technologies and with system, security, and network monitoring tools
Thorough understanding of the latest security principles, techniques, and protocols
Be familiar with both open source and commercial security solutions
Preferred Certification:
CISSP
CCSP
CEH
ECSA
OSCP
GSEC
GCIA
GCFA
What we offer:
100% Employer Paid Health Insurance Base Plan; employee only
Dental, Vision, Life and Accident Insurance
Paid Holidays and 4 weeks PTO
401(k) Plan with employer match
Small collaborative teams where you can make an impact
Awesome opportunity to grow in the field of security and compliance
Vanco is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex including sexual orientation and gender identity, national origin, disability, protected Veteran Status, or any other characteristic protected by applicable federal, state, or local law.