Security Engineer, Corporate Security - Enterprise Cyber Security Engineering
· Day-to-day coordination and collaboration with a wide array of IT groups, Information Security teams, business units, and client delivery teams.
· Build, maintain hardware, platform, and core application management including upgrades, maintenance, and troubleshooting of security controls – be familiar with security control frameworks from NIST or HIPAA and PCI
· Participate in the Agile process to incrementally drive improvement of core security controls
· Monitor, manage and tune core security controls
· Develop and deliver required metrics and reports, including vulnerability management and preventive controls like AV
· Develop process and procedure documentation for core security controls
· Troubleshooting skills
· Proxy / DLP / E-mail gateway
· Intrusion Prevention Systems (IPS)
· Web Application Firewall (WAF)
· Security Incident Event Management (SIEM)
· Endpoint Detection Response (EDR)
· Certificate management
· Scripting using PowerShell or python
· Multi-Factor Authentication (MFA)
· 3-7 years of progressive experience in information technology
· 3-5 years of progressive information security experience across 2 or more information security / information technology risk management domains such as but not limited to:
o Network Security
§ Must be able to deploy IPS/IDS including sensors and ensure they are reporting to central console.
o Host/Endpoint Security
§ Must have experience with desktop OS including Windows 7 / Windows 10 / Windows Server 2008 Must understand UAC, Windows processes and NTFS
o Data Security
§ Understand how data is identified or de-identified and how DLP works
o Vulnerability Management
§ Must be able to deploy remote scanners, set up different types of scans and compile reports in graphs and pivot tables. Must be able to validate and enumerate vulnerabilities found in the scanning
· Deep knowledge of TCP/IP protocols including routing and subnetting. Must know the differences between private and public IP’s address.
· Knowledge of MFA (Multi-Factor Authentication), including set up of the console, provisioning tokens and troubleshooting issues
· Understand SIEM including implementation, hardware maintenance and onboarding log sources
· Understand how Proxy works including whitelisting and agent troubleshooting
· Understand how MTA filters e-mail and force it SMTP through appliance
· In depth knowledge of HIPAA regulatory requirements and HiTrust CSF.
· Excellent technical aptitude, resourcefulness, and critical thinking skills
· Ability to identify security risks and weaknesses and provide security mitigation and remediation recommendations
· Demonstrated experience and expertise with multiple security controls within multiple security domains
· Ability to think strategically with strong attention to detail
· Must possess strong written and verbal communication skills
· Experience working with global teams across multiple time zones, cultures and languages.
· Bachelor’s Degree in Computer Science, Engineering or related field or equivalent work experience required
· GIAC, CISSP, CISM, or other relevant information security industry recognized certification preferred
4 freelance font une offre moyenne de $31/heure pour ce travail
I have a hands on Experience with Semantic Proxy , IDS,IPS, Contentsecurity, Firewalls ( Web, network, Application), Load balancers, SIEM Tools, Cisco ISE(MFA), Cisco, Checkpoint, Fortinet, Juniper.
Hello, I'm a Cybersecurity professional with more than 14 years of experience. I am MsC and hold several certifications. I would be glad to help you with your projects. BR