If this opportunity is not a good match for your skills or you are not available but know someone who is, please forward this email to them as we pay referral fees for anyone you refer that we place with a client.
This is not a senior-level position, but I client would like 5 years of security background.
Most desired skills for candidate – O365 security/malware remediation, Tripwire, McAfee ePO (ENS), Sourcefire
Onsite Dallas office; flexible with occasional work-from-home after period of time
Any certifications required – CISSP (or desire to get there)
Security Engineer to evaluate, design, plan, implement, and document system hardware, software and security controls. Monitors the performance of systems by performing capacity planning and optimizing established systems. Performs troubleshooting and maintenance functions for infrastructure applications, services, systems and technologies. Additional duties include:
Design, deploy, maintain, and troubleshoot security technologies including, but not limited to, SEIM, File Integrity Monitoring, IPS, Application/Network Vulnerability Assessment tools, event and log analysis, DLP, anti-virus, anti-malware, and content filtering security systems and devices.
Review processes, policies and architecture and provide risk-analysis and recommendations to remediate or lower identified risks.
Ensure business and development teams integrate security into application and product designs, where possible, without adversely affecting the business.
Research and design secure solutions to technical and business problems that will enhance security posture without adversely affecting the business.
Develop custom scripts/programs to provide security information and to integrate security tools with existing company security monitoring infrastructure.
Use security tools to audit, detect and coordinate remediation of any security or infrastructure related issues.
Provide support to one or more projects simultaneously.
Research, recommend, and implement streamlined automation processes.
Ensure that data architectures meet regulatory and legal compliance.
Provide in-depth support for information security incidents including, but not limited to, internal violations, hacker attacks, virus, and system outages.
Evaluate and recommend security controls, which includes routinely assessing their effectiveness in limiting security risks to the organization
Participate in periodic information systems risk assessments.
Recommend and evaluate security tools to identify more efficient and effective security measures.
Knowledge of information security principles and best practices
Knowledge of PCI compliance standards
Minimum five (5) + yrs experience with stateful firewalls, VPN, remote access methodologies
Minimum three (3) + yrs experience with regular expressions
Minimum three (3) + yrs experience performing access control reviews and remediation as it relates to PCI
Minimum five (5) + yrs advanced network design experience in a multisite environment
Minimum five (5) + yrs experience with at least two IP packet analysis, vulnerability and network troubleshooting tools: wireshark, tcpdump, nessus
Must posess advanced knowledge of TCP/IP networking principles
Experience with at least three of the following solutions, technologies and processes:
Network/application vulnerability scanning Tools
Email content filtering
Endpoint security tools
File Integrity Monitoring
Experience working in, and providing information for, PCI and related regulatory standards environment.
Knowledge of system hardening, security and access control principals, methologies and techniques
Must possess excellent written, verbal, communication and time management skills
If you are have this experience and are interested, please email me directly at firstname.lastname@example.orgIf you have this experience, feel you are a fit for this position, and are interested, please email the answers the questions below: