Cloud Security Engineer

New York, New York 10001 | Direct Hire

Post Date: 12/03/2015 Job ID: 56 Industry: Other Area(s)

Description

Job Purpose:  Are you interested in a role which is responsible for the security of mission critical production systems in a SaaS company that utilizes some of the most advanced technology on the market? Do you enjoy working with passionate technologists in a collaborative, dynamic environment? Then we have the perfect job for you. Actively looking for a Cloud Security Engineer who will ensure that security standards are achieved, production and non-production platforms are secure and incident response is at the ready. This lead Security Engineer must be able to work closely with the global Engineering and IT leadership to properly achieve objectives. The ideal candidate will be results driven, goal-oriented, a leader, and will possess a strong capability to handle interruptions while multi-tasking in a fast-paced environment. This lead Security Engineer’ s responsibilities include security system deployments, configuration, monitoring and reporting. This position will have a lead role in performing vulnerability assessments, security testing, and working with operations and development teams on remediation and mitigation of findings. This position will have a primary role on the security incident response (CSIRT) and disaster recovery teams. The Lead Security Engineer is responsible  for planning, designing and implementing security controls which safeguard information systems, enterprise applications and data.Job

 

Responsibilities:
  • Analyze, troubleshoot, and investigate security-related, information system anomalies based on security platform reporting, network traffic, log files, host-based and automated security alerts
  • Maintain, configure, and analyze network and host-based security platforms:
  • System and web application vulnerability scanning tools
  • Automated security patching systems
  • Network and host-based Intrusion Detection/Prevention Systems
  • Security Information & Event Management (SIEM) platforms
  • Web Application (Layer 7) Firewalls
  • Data Loss Prevention (DLP)
  • Anti-virus and anti-malware consoles
  • Firewall and network access controls lists
  • Web and E-mail proxy and filtering systems
  • Physical access control systems
  • Evaluate systems and applications using vulnerability scanners and manual techniques to verify system security settings and configurations
  • Provide recurring reports for network and host-based security solutions
  • Provide CSIRT support as needed in response to information security related events
  • Participate in DR exercises and continuous improvement processes
  • Assist with the development of security tool requirements, trials, and evaluations, as well as security operations procedures and processes
  • Provide off-hours support on an infrequent, but as needed basis

 

Qualifications:
  • Bachelor’ s degree in Computer Science, Information Technology or related field or a combination of education and experience
  • A minimum of 4-7 years IT experience, at least three of those years focused on IT security
  • Bachelor’ s degree in Computer Science, Information Technology or related field or a combination of education and experience
  • A minimum of 4-7 years IT experience, at least three of those years focused on IT security
  • Must possess or obtain within 12 months from date of hire, an industry recognized information security certification, such as a CISSP (or Associate), CISA,  SSCP or equivalent
  • Hands-on experience with some of the following: vulnerability scanning, firewall, anti-virus and anti-malware analysis, proxy, IDS/IPS, log correlation tools, SIEM, DLP, NAC, and web application firewall solutions
  • Comfortable working on both Linux-based and MS Windows-based system platforms with a strong IT technical understanding and aptitude for analytical problem-solving
  • Understanding of auditing standards such as ISO 27001, SSAE16, CSA STAR, etc.
  • Strong understanding of enterprise, network, system and application level security issues
  • Strong understanding of enterprise computing environments, distributed applications, and TCP/IP networks
  • Understanding of the system hardening processes, tools, guidelines and benchmarks
  • Fundamental or greater understanding of encryption technologies

 

Jason Destro

Over 20 years’ of recruiting experience with hands-on recruiting and placement of I.T. professionals (Full Time, Temp 2 Perm, & Contingent) in the NJ/NY/CT/PA marketplace for a wide variety of today's demanding IT skill sets. Focused on delivering exceptional service by understanding client’s objectives and goals.

Not ready to apply?

Send an email reminder to:

Share This Job:

Related Jobs:


Textbox Section