Hardener Job Description Sample
Active Cyber Defense Engineer
We offer a competitive salary with a robust Fortune 500 type benefits package: employee assistance, employee adoption, 401K with match, medical, dental, vision, life, short-term and long-term disability, 15 paid time off days, 10 holidays, unlimited web-based training and up to $5K towards continuing education and/or professional development and more!
Founded in 2004, ApplyLogic is a Veteran Owned Small Business, ISO9001:2015 certified with over $7M annual revenues and 35 employees. Our growth has been recognized in the Washington Technology Fast 50 and the INC. 5000. We have an immediate Active Cyber Defense Engineer position available in Laurel, MD.
Job Description and
The Active Cyber Defense Engineer will actively hunt for Indicators of Compromise (IOC) and APT Tactics, Techniques, and Procedures (TTP) in network and on host.
- Actively hunt for Indicators of Compromise (IOC) and APT Tactics, Techniques, and Procedures (TTP) in network and on host.
- Find evidence of attack and of the attacker's actions thereafter.
- Work with the team to produce effective countermeasures against found evidence. Also contribute to mitigations for future attacks of a similar nature.
- Follow Security Operations Center (SOC) policies and procedures for incident reporting and management. Create a detailed Incident Report (IR) and contribute to lessons learned.
- Analyze infrastructure build sheets, Configuration Management Database (CMDB), NIST 800-53 ATO artifacts, vulnerability scans, Access Control Lists (ACL), and vendor documentation to thoroughly understand software behaviors and interactions.
- Monitor open source and commercial threat intelligence for IOCs, new vulnerabilities, software weaknesses, and other attacker TTPs.
- Study and understand IANA, W3C, IETF and other internet bodies’ protocol RFC definitions to understand violations and security weaknesses.
- Conduct forensic testing and operational hardening of multiple OS platforms.
- Analyze network perimeter data, flow, packet filtering, proxy firewalls, and IPS/IDS to create and implement a concrete plan of action to harden the defensive posture.
- Work with SOC shift team to help contain intrusions.
- Provide detailed requirements to team security engineers, SIEM specialists, and other team capability developers to provide reusable hunt tactics and techniques for other team analysts.
- Provide detailed input to watchlog and provide thorough pass-down.
- Thorough understanding of network protocol behaviors. Ability to understand netflow and PCAP.
- Thorough knowledge of open source tools to visualize PCAP data (Wireshark, TCPDump, etc.).
- Detailed knowledge of various forms of social engineering, including the ability to recognize and handle spear-phishing campaigns or other forms of social engineering attacks.
- Comprehensive knowledge of Windows and Linux behaviors, logging, vulnerabilities, exploits, and known attacks.
- Use of IPSec packet filtering and Windows firewalls with specific application to defense in depth of network based attacks, data corruption, data theft, credential theft, and administrative control.
- Red Team/Blue Team experience from a federal agency
- Expert knowledge of network routing and switching fundamentals to include knowledge of Multiprotocol Label Switching (MPLS)
- Deep technical understanding of operating systems, network architecture and design, Active Directory (AD) application log consumables, systems design as well as superior knowledge of technical operations process and procedures
- Knowledge of how encryption, key management and cryptology works in the enterprise and in cyber data
- Understanding of Enterprise Architecture Standards such as the Department of Defense Architecture Framework (DODAF), Service-Oriented Architecture (SOA), the Open Group Architecture Framework (TOGAF), and/or the Amazon Web Services (AWS) Well Architected Framework
- Knowledge in the Risk Management Framework (NIST 800-37), Security Controls as described in NIST 800-35, and the Federal Information Security Modernization Act (FISMA) operating standards and applicable guidelines (risk profiling, control selection, control assessment, control monitoring)
- Expertise in performing threat modelling, risk analysis, root cause analysis, risk identification, and risk mitigation
- Expertise in Application Penetration Testing (fuzzing, reverse engineering, Fortify or similar, IDA Pro, Kali, BackTrack, OllyDbg, SQLMap, etc.)
- Expertise in Proof of Concept (Exploit) development
- Understanding of Secure SDLC (threat modelling, security requirements, secure design, secure implementation, secure testing, secure maintenance)
- Knowledge of Mobile Application Security and MDM sensor data
- Expertise in Embedded Device Security
- Expertise in Malware Analysis
- Understanding of various web application frameworks such as ASP.NET, J2EE
- Bachelor’s Degree and 10 years of experience
- Preferred certifications
- Certified Computer Security Incident Handler (CSIH)
- Electronic Commerce Council Certified Ethical Hacker (CEH)
- GIAC Information Security Fundamentals (GISF)
- ISC2 Certified Information System Security Professional (CISSP)
- U.S. Citizenship
- Public Trust, or must be able to obtain a Public Trust clearance
Senior Security Control Assessor
- BS and 12 years' experience (4 years of experience may be substituted for a BS)
- 8570 IAT or IAM Level III certification (CASP, CISSP)
- TS SCI FS poly
- OS Certification / Desired: Microsoft Certified Information Technology Professional (MCITP).
Day to day activities:
Your day-to-day duties would include researching and troubleshooting security- or compliance-related questions, creating baselines for new and upcoming OSes or applications, and creating test environments to help support testing, including modifying audit file variables. Your team would consist of roughly 7-10 individuals. Additionally, duties may include:
· Conducting verification and validation for security compliance of all information systems, products, and components.
· Working with SCAP and XML data used for security testing.
· Analyzing documentation, configuration practices and procedures and operational practices and procedures
· Providing identification of non-compliance of security requirements and possible mitigations to requirements that are not in compliance.
· Providing mock vulnerability assessment of systems
· Providing process improvement recommendations
· Assisting the government to draft standards and guidelines for usage
· Experience in security testing or security engineering
· Experience with Windows or Unix systems
· Experience using vulnerability scanning technologies.
· Experience working both individually and as a team.
What makes a great employee for this position?
Our best team members consist of knowledgeable system administrators who have taken the next step to learn how to secure their systems. Having knowledge about the baseline system and its configuration settings goes a long way. Working security into a functioning system can be challenging and system administrators have a good understanding of the repercussions hardening a system can have on its functionality.
System Administrator III w/ VMware, Hardware, and Networking Experience
- TO BE CONSIDERED FOR THIS POSITION YOU MUST HAVE AN ACTIVE TS/SCI W/ FULL SCOPE POLYGRAPH SECURITY CLEARANCE (U.S. CITIZENSHIP REQUIRED)
• Perform Linux administration for modern flavors of Linux (mainly CentOS)
• Create and harden custom Linux images
• Support NIS/LDAP authentication environments
• DNS, DHCP, NFS, automounting and other Linux server support
• Patching and remediation of Linux systems
• Management and operation of VMware vSphere suite of products
• Netapp configuration and administration
• vSphere VM creation, backup, restoration and upgrades
• vSphere/ESXi patching and maintenance
• Syslog server configuration and maintenance
• Configure TLS on web servers and applications
• Install and configure server certificates and PKI authentication
• Integrate, install, configure, upgrade, compile all types of COTS/GOTS software
• Troubleshoot and resolve complex problems
• Make recommendations for purchases
• Develop and implement enterprise backup/recover strategies
• Configure and maintain seamless NFS/CIFS access to home directories and shares
• Security+ preferred
• Hardening Linux systems
• Nessus scans and remediation
• SSL, PKI and TLS
• Bash, Perl or Python scripting
• Active Directory - Windows Server 2003/2008
• Niagara Files
• McAfee EPO
• FOSS monitoring and metrics tool suites
• Net Backup and NetApp SMVI backup
• Cisco UCS platforms
• Solid troubleshooting skills and attention to detail
• Patching, backups, software installation and maintenance
Global Security Protective Design Manager
This role is responsible for, but not limited to, the design, implementation and maintenance of physical security design standards associated with the hardening of Facebook data centers and related infrastructure from hostile events. Successful candidate will lead projects on all mentioned responsibilities on a global level.
- Work with Global Security ("GS"), Cross-Functional ("XFN") partners, third party vendors, and SME's to create and implement a set of baseline site hardening standards for all types of Facebook offices in varying threat and risk levels
- Design of facilities to mitigate the effects of multiple hazards including Blast, Seismic, Progressive Collapse, Perimeter Security, and Forced-Entry/Ballistic Resistance
- Implement an integrated framework of standards in adherence to local and international laws, regulations and directives for structural security and blast resistance
- Coordinate the implementation of Design Basis Threat (DBT) and Enterprise Security Risk Management program with internal Intelligence team and external risk/threat assessment SME's
- Ensure that all GS related authoritative sources are captured and reflected in created site hardening standards
- Constantly monitor the ever-changing security environment with the intention of creating, updating and enhancing GS enhanced security measures
- Ensure that all created requirements and guidelines are clear, applicable and non-ambiguous
- Work across all levels of the organization providing advice to organizational management and regional leadership teams
- Capture and analyze feedback from Data Center management teams to improve implementation of site hardening measures
- Bachelor's Degree
- Knowledge of physical security surveys, risk assessments, vulnerability assessments, and threat mitigation methodologies
- Technical experience in the analysis of structures and facades
- Knowledge of Data Center working environment, and Data Center infrastructure, to include redundancies and layered security
- Knowledge of security construction and architectural principles, including critical infrastructure protection, Crime Prevention Through Environmental Design (CPTED) and blast mitigation
- Knowledge of site access and perimeter delineation, security lighting, and physical barrier systems
- Experience driving projects with team members located in remote locations, on a global level
- Experience in design and implementation of standards, policies, procedures
- Experience working in Physical Security with global operations/projects
- Experience managing multiple projects
- Experience with Microsoft Office Suite of Applications
- PE Certification
- Experience building a program from the ground up
Security Engineer (Splunk SME) w/ Active DoD Secret Clearance
TITLE: Security Engineer (SPLUNK SME) w Active DoD Secret Clearance
LOCATION: Arlington, VA
REQUIRED CLEARANCE: Active DoD Secret
TYPE: Salaried Position with benefits
REQUIRED CERTIFICATIONS: DOD 8570 IAT II certified: Security+, SSCP, GSEC, GICSP, CCNA-Security, or CySA+ certification; IAT III certifications also qualify: CISA, CISSP, CASP CE, GCIH, or GCED
- Serve as Splunk subject matter expert, responsible for engineering and maintenance of multiple clustered instances
- Provide implementation of technology that supports network defense, vulnerability management, and incident response based on our client’s unique mission needs.
- Implement and maintain security stack components, such as IDS/IPS, firewalls, SIEM, and host-based security systems.
- Mature the existing Splunk instances to support robust incident detection and insider threat programs
- Build system configuration baselines that leverage the Security Content Automation Protocol (SCAP) for both Windows and UNIX operating systems.
- Engineer event log correlation solutions to support effective customer response to security incidents.
- Conduct incident response actions based on detected events and incidents
- Research and analysis of new security products for technology insertion
- Validate and develop cyber security requirements
- Develop cyber security engineering solutions for various aspects of security
- Work with stakeholders in functional and technical areas in support of engineering tasks
Education and Certifications:
- DOD 8570 IAT II certified: Security+, SSCP, GSEC, GICSP, CCNA-Security, or CySA+ certification; IAT III certifications also qualify: CISA, CISSP, CASP CE, GCIH, or GCED
- Bachelor’s degree in an IT-related, math, or scientific program; will consider equivalent professional experience and certifications in lieu of degree
- 5 years of cyber security experience, 10 years of IT experience
- Solid knowledge of cyber security principles and practices, as well as an advanced understanding of various technologies
- Extensive experience building and maintaining Splunk instances in a DoD/IC specific environment
- Experience using Splunk or other SIEM to correlate events and identify possible security events and incidents; must then be able to track down root cause of these events and work with CIRT team to conduct incident response actions
- Technical proficiency in both *NIX and Windows system administration and configuration.
- Technical proficiency in networking technologies and principles; routing, switching, subnetting
- Familiarity with deployments to and implementation of security functions in virtualized environments (VMware & Hyper-V)
- Familiarity with Windows, *NIX, and applications logs, such as database and web server logs
- Experience integrating, configuring, and operating the following: Tenable Nessus (ACAS), McAfee ePO (HBSS), next generation firewalls (NGFW) such as Palo Alto Networks, Network IDS/IPS such as Sourcefire
- Experience implementing and auditing DISA STIG hardening configurations
- Advanced level understanding of load balancing using the F5 BigIP suite of toolsets, specifically with the LTM and GTM modules
- Experience developing infrastructure to support highly available web applications
- Advanced level understanding of Network Engineering and security considerations as they apply to load balancing and constrained delegation functionality
- Preferred experience working with the F5 virtual appliance, vs. a physical deployment
- Excellent communication skills, written and verbal, to be able to effectively document solutions and obtain requirements from customers
- Experience with Risk Management Framework (RMF) and NIST 800 series
- Experience with regular expressions (REGEX)
- Familiarity with multi-level classification systems; single networks which support multiple classifications through the use of DAC and trusted cross-domain guards
- Splunk Administrator or Splunk Architect Certification
- Experience with SolarWinds for monitoring
- Experience with NAC supporting 802.1X authentication
- Experience with NGFWs such as Palo Alto
- Experience with IDS/IPS such as Snort, Cisco FireSIGHT, and/or Bro
- Experience with packet analysis through full capture tools
- Experience with Cyber Deception tools
- Experience with inline threat prevention such as FireEye or Lastline
• Full MS WORD Resume
• Current and required compensation
• Current contact information
Upon receipt, one of our managers will contact you to discuss the position in full detail.
Intermedia Group, Inc.
Defense and Intelligence Industry Staffing
Security Engineer - Analyst # 0598
Security Engineer - Analyst
Our Georgia client is looking for a Security Engineer to perform assessments on application, systems and networks and identify security vulnerabilities caused by gaps or failures in the patching, hardening/configuration or software development life-cycle (SDLC). The Security Engineer will monitor and report results to stakeholders and management as well as measure the effectiveness of remediation against internal policies and external compliance
Knowledge and Skills for the Security Engineer- Analyst Role
- Knowledge of
- risk management processes (e.g., methods for assessing and mitigating risk)
- laws, regulations, policies, standards and ethics related to cybersecurity and privacy.
- specific technical and operational impact of security lapses.
- system life cycle management principles, including software security and usability.
- secure coding techniques, system patching processes/methodologies and/or system and network hardening best practices.
- Confidentiality, Integrity and Availability requirements
- security, operational, development objectives.
- Apply cybersecurity and privacy principles to corporate policies and external compliance.
- Executing vulnerability assessments against applications and/or networks using automated and/or manual methods.
- Reporting results and analysis to stakeholders using tools, scripting or query languages as well as communicating with and maintaining compliance to policies.
- Experience delivering dashboard type reporting or metrics related to a security program by utilizing and correlating multiple data sources through APIs, database queries or other technical means.
- Bachelor's degree in Computer Science, Info Security, or related field or relevant work experience in a related field.
- Splunk and Vulnerability Management Reporting
- Minimum 2 years relevant experience including network operations or engineering or system administration on Unix, Linux, MAC (Message Authentication Code), or Windows; common security operations, intrusion detection systems, Security Incident Event Management systems, Penetration Testing, Web Application assessment, Secure Coding practices
- Professional certifications CISSP, CISM, CISA, GSEC, Network +, Security +
- Knowledge of industry standard security compliance programs such as PCI (Payment Card Industry), SOX (Sarbanes-Oxley), GLBA (Gramm Leach Bliley Act) etc.
- Certified Ethical Hacker CISSP
Unfortunately we are unable to provide sponsorship for this opportunity
Exchange Expert (TS/SCI)
Seneca Resources is a client-driven provider of strategic Information Technology consulting services and Workforce Solutions to government and industry. Seneca Resources is a leading IT services provider with offices in Reston and Richmond, Virginia and Birmingham, Alabama that service clients throughout the United States. The key to our success lies within our strong corporate culture which drives our business. We challenge our staff through engaging work, and we reward our staff through competitive compensation, extensive professional training, and excellent opportunities for career advancement. In turn, we look for only the best and brightest to join our team.
We are an Equal Opportunity Employer and value the benefits of diversity in our workplace.
Position Title: Exchange Expert
Type: Full Time
Compensation: Very Competitive
Location: Washington, DC
- Must have Expert MS Exchange hands on experience with: Exchange Server 2010, and Exchange Server 2013 with migration to EX 2016 desirable.
- Ability to provide expert technical advice, guidance, and recommendations to management and technical specialists on critical Exchange & Windows software updates and vulnerability issues; recommend mitigation strategies; ensure coordination and collaboration on upgrade activities; and successfully implement hardening of the server infrastructure in appropriate server roles.
- Experience with implementing and administering MS Exchange 2010 and migrating Exchange to Exchange Server 2013 & 2016.
- Knowledge and experience administering systems in Microsoft Windows 2008 R2/2012 R2/2016 environments including clustering, Group Policies, advanced configuration, anti-virus and anti-malware software, email gateways, NetApp SAN storage, network routing, and PowerShell scripting.
- Expert working knowledge of Active Directory DC design, Schema, OU design, AD replication topology, and DC backup/restore procedures; DNS, GPO's, Message tracking and performance.
- Knowledge and experience administering Microsoft software including MS Exchange Server, MS SQL Server; Active Directory and LDAP technologies within a Windows environment.
- The ability to utilize and operate server monitoring tools for a Windows environment.
- Ability to effectively communicate both orally and in writing with management and technical specialists; to plan, organize and manage tasks on time with minimal supervision.
- Ability to take direction from and work collaboratively with the overall Project Manager and Team Leads
- Hands-on experience with:
- Group policy development and troubleshooting utilizing Microsoft Resultant Set of Policy (RSOP)
- VMware ESX
- Citrix XenApp and XenDesktop
- MS System Center Configuration Manager (SCCM)
- MS System Center Operations Manager (SCOM);
- Familiarity with Defense Information Systems Agency (DISA) STIGs baseline control and adherence
- Be a senior level administrator/engineer for all related domain policies implemented through Group Policy Objects (GPO) to include user and computer security initiatives, access restrictions, and OS and Application Updates based on users, groups and computers.
- Maintain and administer system monitoring solutions to include Microsoft System Center Configuration Manager (SCCM) and Operations Manager (SCOM)
- Support vulnerability mitigation and prevention for Windows server platforms using tools such as ACAS, HBSS, and STIG baseline configurations compliance IAW DISA requirements
- A minimum of 5+ years of demonstrated professional experience in an IT data center role at least 2 of which were in a MS Exchange SME/Senior Engineer position.
- 2+ years in support of a civilian federal government agency in a TS environment.
- Demonstrated understanding of federal government agency policies and procedures for datacenter operations.
- Must be able to communicate both orally and in writing at a management level.
- Excellent communication skills, including strong writing skills
- Experience managing compliance with license agreements
- Experience controlling and monitoring user access to the system
- Experience monitoring and optimizing the performance of the MS Exchange system
- Experience planning, executing, and maintaining backup and recovery of the system
- Experience writing functional requirements and preparing functional designs
Seeking talented individuals with a passion for technology and an interest in business to join our Solutions Architect team in the position of Solutions Architect. The position is based out of an Engineering Campus in Bulverde, Texas.
- Analyze customer requirements and recommend enhancements to our cutting-edge, hardware-based cryptographic solutions
- Provide ongoing technical support and guidance to our global customer base
- Test and troubleshoot new and existing hardware, software, and firmware developed for the data security and encryption industry
- Conduct customer training on our products and data security best practices
- Provide project management services for custom development initiatives and global Hardened Enterprise Security Platform implementations
- Write and maintain technical documentation released to the public
- Understand industry-specific APIs and protocols used when interfacing with external systems
- Apply business knowledge and technical ability to create state-of-the-art solutions to help enterprises secure their sensitive data
- Bachelor’s degree in technical and/or business related major
- Broad information technology background
- Specific experience with Cryptography (ideally in the financial sector)
- Strong problem-solving skills
- Strong communication skills
- Motivated, entrepreneurial mindset, with eagerness to learn
- Flexibility to assist in several different departments of the company
- 3-5 years experience
- Experience with TCP/IP networking
- Experience with multiple architectures and platforms
- Experience with Linux, OpenSSL, scripting (Python, Perl, Bash)
- Experience with sales, technical support, or quality assurance
- Competitive compensation and opportunities for advancement
- Opportunity to travel to worldwide destinations
- Health, dental, vision, life, and short/long-term disability insurance
- Paid vacation, holidays, and sick leave
- Complimentary gym membership
- Retirement plan with employer contribution match
- Scenic corporate campus with amenities including a tennis court, jogging trail, and putting green
- Welcoming, family-style corporate culture uniquely suited to fast-paced, entrepreneurial, and motivated individuals
Location – Waltham, MA
Duration- 6+ months
Interviews – if local, must do an onsite interview. If not local, Skype is OK
The Security Architect serves as a security lead/visionary and will act as an expert in many areas of security, and can describe in business terms the impact of security policies, standards, and architecture on the business. This person will provide security direction to the cyber security programme based on their security and business focus areas.
The Security Architect must be able to interpret high level business requirements and communicate them to highly technical security engineers; conversely, they must also be able to articulate highly technical issues to a non-technical business audience.
The Security Architect is to produce reference architectures and to ensure that the delivered architecture is fit for purpose and effective when transitioned into service. The Security Architect will manage a team of Security Engineers.
Providing an architectural steer to the program, as required, on security related matters.
o This includes formal input to projects during the analysis and design stages to ensure that security has been considered and is appropriate.
o Further security related guidance may be required during the build and testing stages of the projects.
o Provide technical security input as required by the security policy development team.
o Security review and design of complex application and technology architectures.
o Coordination of technical design/review activities with various segment and corporate groups.
o Evaluation and maintenance of systems and procedures to safeguard internal information systems and databases.
o Researching and recommendation/implementation of changes to procedures and systems to enhance security aligned with corporate policies
o Representing the Security Architecture team within Digital Risk and Security, being an authority.
o Accountable for ensuring that key risks and issues are identified, addressed and resolved in a manner that satisfies the business.
o Accountable for ensuring residual risk is captured and owners are identified and accept the risks.
o Continuous view toward standardization and process improvement with a view toward automation where possible
o Flexibility to occasionally travel as role requires (may include global responsibilities)
Knowledge and Capabilities:
o Experience with cloud based security controls (secure web gateway, next gen firewall, cloud access security broker)
o Strong knowledge and experience designing and implementing technical security solutions such as IDS/IPS, secure remote access, firewalls, encryption, secure protocols, data protection, data loss prevention and identity management solutions.
o Strong background in security architecture including a deep knowledge of IT network security (secure LAN, WAN, vLAN, MPLS, Netflow, SNMP and secure network zoning and restricted network design) and database, operating system and application security.
o Strong knowledge of data and information flows, information governance, network protocols.
o Experience of security hardening techniques and policy development, particularly operating system hardening (e.g. Windows, UNIX, Oracle).
o Experience in integration with a SIEM, or working within a system monitoring environment.
o Experience in vulnerability and risk management processes.
o Familiar with scripting including PowerShell, Python, Perl etc.
o Experience of incorporating security controls at each stage of the software development lifecycle process (ITIL).
o Experience of designing and managing security controls within service providers and the cloud.
o Proven track record of successfully delivering business requirements to time and budget constraints.
o Familiar with contract management, ensuring security controls are referenced within the agreement.
o Appreciation of wider information security related principles, likely to be gained in industry or from a consultancy background.
o Familiar with TOGAF and SABSA.
o Skilled in creating patterns and reference architectures ensuring alignment with and support of other domain areas
o Experience with presenting architecture designs/models to the security and/or enterprise governance boards for acceptance and approval.
o Strong communication (Written and Verbal), leadership and partnering skills.
o Able to demonstrate a high degree of credibility and influence senior stakeholders within the Organization.
o Prepared to challenge the program and IS colleagues and have the difficult conversations where needed in the interests of National Grid
o Able to operate as a highly independent worker and as part of a strong team/collaborative approach.
Prior Critical National Infrastructure (CNI) and utility industry experience preferred.
Preferably somebody who has done hands on IT in the past and understands the pragmatic approach sometimes required.
Educated to degree level (or equivalent combination of education and experience).
Information Security Qualifications such as CISSP and MSc Information Security preferred.
Security Qualifications such as SANS, CCNA, CCNP.
This role has a significant impact on defining security requirements and ensuring that the program meets these requirements, or that exceptions and issues are noted and remediated as appropriate.
Indirect support (influence) of budget across the entire IS organisation and specific set of Business Systems (e.g. Customer Systems, Corporate Systems, etc.) specific to project/s design.
No. of direct reports: a small team of Security Engineers, 3-5 in time.
Sr. Information Security Specialist (Applications AND Infrastructure)
LOCATION: Midtown Manhattan
CLIENT: Fortune 100 Media Company
TYPE: FTE - Full Time Salaried Employment (SALARY plus bonus with SUPERB Benefits)
- Candidates MUST be local, no relocation considered
- NO H1s
- Our client is looking for a well-rounded Information Security Professional with experience in security operations, application development security, infrastructure security, security risk assessments, audits, compliance, governance, and high-level risk management.
- The candidate will identify vulnerabilities (using tools like Qualys, Nessus, etc.) and interface with the Development Team to implement changes in the development process / coding to address application level security issues.
- It's a small team in a large multi-billion-dollar organization, and would require that a candidate be a mix of both HANDS ON as well as Strategic / Policy / Project Management focused.
DUTIES & RESPONSIBILITIES
The position will be a mix of strategic / project management and hands-on technical duties.
- Familiar with translating a policy document and improving it (baseline on mobile device management and then adding some specific things to sharpen it where appropriate)
- Comfortable working both as an individual contributor as well as able to build partnerships and trust throughout the organization leveraging your industry infosec skills and knowledge
- You'll be involved in security architecture design, administration, and support for ongoing IT and Web initiatives
- Conduct security risk assessment and remediation for business processes, enterprise infrastructure and applications
- Develop and facilitate deployment of information security governance documents: policies, frameworks, programs, procedures, and audits
- Define, develop, and implement security models for Intellectual Rights Management, data confidentiality classification
- Proactively monitor security threats and vulnerabilities; event management and logging, identify and prevent potential intrusions using SIEM, DLP, IPS/IDS, other tools; advanced malware/Threat analysis and protection
- Plan and execute security related projects, deploying new security solutions and best practices, providing guidance to company’s engineering and QA teams
- Establish, monitor, evaluate and report key security performance and risk assessment indicators to provide management with accurate evaluation of the enterprise security state and the information security program effectiveness
- Compliance assessment and reviews; alignment of security controls for business processes and applications with applicable regulatory governing documents like SOX, PCI, COPA, Safe Harbor, ISO 27001, OWASP
- Develop and maintain User Security Awareness program; organize and provide security training to employees, contractors, interns
- Monitor and study relevant media and specialized vendor resources, provide assessment and recommendations to address emerging threats, vulnerabilities
- Site Security Assessment of corporate premises, third parties, cloud services
- Experience with TCP/IP, vulnerability management, pen testing, etc.
- Knowledge of network security, TCP/IP, DNS, DMZ, Firewalls, Application Firewalls (Web, XML, Database), best practice design and deployment; hardening hardware/software, secure VPN and FTP, Forward and reverse proxies
- Experience with Integration with Business, Information, Technology architectures
- Familiarity with security aspects for N-tiered application architecture and web-based applications
- Knowledge of authentication, authorization, data confidentiality, non-repudiation, integrity, audit logging
- Experience in organizing and leading projects with managed security service providers
- Assess and manage Third Party Security
- Incident response and digital forensics experience
- Windows and Linux security models, basic administration and audit
- Linux and Windows scripting, command line utilities (Shell, Visual Basic, Perl, Python, awk)
- Knowledge of security policies and best practices; developing governance documents, certificate management
- Experience with Identity access management (IAM) and role based user access control, end point security
- Knowledge of password management and SSO implementation
- Virtualized, cloud, mobile environments, MDM
- Browser security concepts (e.g. Tokens), risks (e.g. XSS); configuring SSL/TLS, PKI servers
- Hardening J2EE, Tomcat, Web servers (IIS, Apache)
- Application security specifics for development and custom code: PHP, ASP, Java, C# platforms
- Databases (Oracle, MS SQL) – audits, data encryption at rest and in transit
- Vulnerability assessments and IT auditing
- LDAP (Oracle Sun One preferred), Active Directory, including administration and design of custom LDAP schemas
- Knowledge of McAfee ePO, Nessus and Symantec tools preferred (equivalent experience with other tools may be considered)
- Must be able to interface with the Development Team to implement changes in the development process / coding to address application level security issues.
- The manager is seeking a candidate who is able to work both hands on and at a high (strategic) level
- Strong executive presence skills required
- Must have strong prioritization skills, able to work on multiple complex projects at the same time (3-4)
- One of the major InfoSec certifications (CISSP, CISM, SANS) would be preferred but not required.
If you are interested in pursuing this opportunity, please respond back and include the following:
• Full MS WORD Resume
• Current and required compensation
• Current contact information
Upon receipt, one of our managers will contact you to discuss the position in full detail.
INTERMEDIA GROUP, INC.
131 Varick Street
New York, NY 10013