The Security Engineer will be responsible for all facets of Security Management and interact extensively with other team members as well as Sierra-Cedar Security.
This is a remote position. Must be located in the U.S.
- Respond and resolve any reported security breaches reported and client data centers.
- Conduct detailed investigation and analysis of possible security incidents by utilizing current incident response procedures, cyber forensic methodologies, and reverse engineering techniques.
- Respond to client requests
- Support client with independent third party penetration testing and develop corrective plan of action to mitigate any identified vulnerabilities.
- Maintain access control lists for users requiring access to the client environments.
- Add, modify, and delete end-user accounts as needed.
- Perform monthly audits for unusual or unauthorized access.
- Define and maintain application security plan.
- Develop, create and maintain application security configurations needed, roles, permission lists, and user profiles.
- Support additional Production, performance test and disaster recovery OAM technology infrastructure to support PeopleSoft concurrency increases as tiers needed.
- Manage support cases with Oracle as necessary for items related to the technical infrastructure or for items related to the OHS architecture hosted at the client datacenter.
- Must have 6+ years of security experience in a SOC or endpoint forensics and incident investigation role
- Experience working in a Security Operations Center (SOC) or investigating alerts/incidents on a daily/weekly basis.
- Must have a strong background in operating systems, network, applications, and information security principles.
- Convey technical concepts to managers and employees effectively.
- Develop, evaluate, and implement technical systems.
- Familiarity with the following technical and cyber defense security tools:
- Security Information and Event Management (SIEM) systems.
- Network and host-based Intrusion Detection System/Intrusion Prevention Systems (IDS/IPS).
- Network and host-based sensor and firewall technologies.
- Network and host-based malware detection and prevention.
- Network and host-based forensic applications.
- Web/e-mail gateway security technologies.
- Must be capable of providing team leadership and hands-on experience with network security, network analysis, and digital/computer forensics.
- Bachelors Degree required
- Must be able to manage multiple projects timely and effectively
- Strong ability to carry out assigned administrative tasks with limited oversight
- Holistic Systems Thinking - must be able to envision how all parts of a solution interact with each other, existing systems architecture, and the solution itself
- Ability to think "outside the box" when developing solutions
- Research, compare and evaluate software and hardware - full life cycle, from initial search to install, configuration, process development, and delivery
- Excellent communication skills with ability to speak clearly and persuasively in positive or negative situations. Listens and gets clarification. Responds well to questions and participates in meetings.
- Looks for ways to improve and promote quality. Demonstrates accuracy and thoroughness
- Ability to follow policies and procedures. Completes administrative tasks correctly and on time.
- Display willingness to make decisions. Exhibit sound and accurate judgment. Support and explain the reasoning for decisions.
- Demonstrates leadership and foster collaborative team approach - interacts well with front line and management providing consultation and expert advice on systems related topics
- Ability to communicate effectively with other employees, from executives to co-workers, within and across teams
- Ability to document and present information in a clear and concise manner to cross-operational teams and executive management
- Short-term and Long-term strategic planning of the organization's technology and solutions
- Develop and/or adjust processes to evolve with business and demand
- At least one information security certification from a security vendor such as those from ISACA, GIAC, OpenText or ISC2
- Industry affiliations such as ISSA, DSCI, InfraGard, GIAC, etc. are preferred
- Experience operating in a datacenter, service provider, or similar high availability environment
- Familiarity with industry, state, federal, and international legislation such as PCI, SOX, HIPAA, CMR201, US-EU Privacy Shield, GDPR, etc.
Sierra-Cedar delivers industry-focused client success by providing consulting, technical, and managed services for the deployment, management, and optimization of next-generation applications and technology. We offer a competitive benefits package including 401(k), Health, Disability, and Life. Sierra-Cedar is an Equal Opportunity Employer.- provided by Dice