
Senior IT Security Engineer

The IT Security Engineer (ITSE) is responsible for ensuring IT security for the enterprise. The ITSE works with the IT Security Director to assist in developing the IT security roadmap, IT security standards, policies and procedures, and IT security technologies. The ITSE identifies and reports IT security issues, enforces IT security processes, proposes remediation steps, and implements IT security solutions. The ITSE is responsible for working with the IT security team and other IT staff to ensure the overall information safety of BHMG.

ESSENTIAL JOB FUNCTIONS
• Help plan and carry out an organization’s information security strategy, plans and policies.
• Develop and recommend security requirements, best practices and enhancements for the organization as needed.
• Develop strategies to respond to and recover from a security breach or incident.
• Engineer, implement and monitor security measures for the protection of computer systems, networks and information. Install and configure software, devices and systems to protect the organization’s information and systems.
• Assist end-users as required. Guide, work with and assist other IT staff in developing and rolling out solutions.
• Perform security assessments of corporate infrastructure. Conduct vulnerability assessments – internal and external – to ascertain and ensure the organization’s security posture. Conduct external penetration testing to ensure systems are hardened appropriately and in compliance with PCI standards. Develop and implement remediation steps as needed.
• Monitor IT systems and networks for intrusions or breaches. Elevate communication as needed to quickly align responses to incidents.
• Work with the IT Security Director to compose Incident Reports for incidents as needed.
• Implement, monitor and support security infrastructure systems.
• Provide subject matter expertise on authentication, systems and network architecture for IT security.
• Ensure standards are established and implemented to appropriately harden end-user, server and network systems.
• Provide strategic and tactical IT security guidance for all IT projects, including evaluation and recommendation of appropriate technical controls.
• Evaluate the status of network, server and device security, including patching policies/activities, anti-malware status, and server and network scanning. Research, develop and recommend solutions to ensure the efficacy of security solutions.
• Develop and regularly report IT security relevant metrics to measure the efficiency and effectiveness of the IT security program.
• Research, recommend and develop budgeting for appropriate IT security solutions.
• Coordinate and lead IT technical personnel in implementation of the security solutions. Collaborate with fellow IT personnel to research and develop appropriate security solutions for the enterprise.
• Stay current on all developments in the IT security space, maintain applicable credentials, and educate fellow IT staff on new or developing threats and technologies.
• Other duties within and outside of IT security will be assigned as necessary.

MARGINAL JOB FUNCTIONS
• Participate in other projects and initiatives as directed.

NECESSARY KNOWLEDGE, SKILLS AND ABILITIES
• Experience working with and ensuring PCI compliance at an enterprise level with a distributed geographic footprint of more than 20 locations.
• Experience with ISO 27001, COBIT, NIST Cybersecurity Framework.
• Hands-on Incident Response planning and reporting.
• Knowledge of risk assessment tools, technologies and methods. Experience with computer forensic tools, technologies and methods.
• Hands-on disaster recovery and business continuity plan creation and documentation experience. Extensive experience with tabletop and live DR/BCP exercises.
• Hands-on proficiency with security systems, including firewalls, IDS, IPS, AV, AM, DPI, SSL DPI, content filtering, etc.
• Experience with scripting and automating processes, assessments and reporting.
• Hands-on proficiency with security testing and monitoring software such as: Tenable Nessus, Metasploit, InsightVM, Splunk, AlienVault, Tripwire, etc.
• Experience with implementing a logging management tool such as Splunk. Experience with implementing and managing a security incident and event management (SIEM) system (e.g. AlienVault, ArcSight, etc.).
• Experience in evaluating and working with 3rd party and outsourced security technology solutions providers for services such as logging, SIEM, remotely managed intrusion detection, etc. (e.g. SecureWorks, Solutionary, Sword & Shield, etc.).
• Thorough understanding of the latest security principles, techniques and protocols. Familiarity with web related technologies (applications, web services, SOAs) and related protocols.
• Problem solving skills and the ability to work under pressure.
• Effective interpersonal skills. Ability to communicate security issues to peers and management.

EDUCATION AND EXPERIENCE
• Bachelor’s Degree in IT Security, Computer Sciences, Engineering or other related technology field. Technical Master’s degree helpful.
• Current and advanced IT security certification required. Examples: CISSP, CISM, GCIA, GPEN, GCED, CCNP-Security, CCIE-Security, etc.
• Ten+ years’ experience in enterprise networking.
• At least five years’ proven progressive IT security experience, including IT security engineering in a geographically distributed enterprise.