job summary: Our enterprise client has a hybrid opening for an experienced Information Security Engineer with solid experience supporting information security engineering initatives and project. Opportunity includes paid time off, sick time and holidays. Our successful candidate has demonstrable experience in quickly ramping up with past client/employer organizations, with a keen ability to quickly learn security policies & procedures, and protocols.
[
"
We deliver Cloud & Infrastructure managed solutions to run mission critical programs for our clients. Our team works closely with the CISO organization to proactively identify and resolve vulnerabilities in the environment - attack surface management, server hardening, image hardening.
We are looking for customer-centric individuals that possess outstanding communication skills and are proactive in connecting the dots between their day-to-day job and the bigger client goals and initiatives. Demonstration of attention to detail, ability to collaborate with other teams and functions, proactive creation and maintenance of documentation are essential for this role.
Our successful candidate has demonstrable experience in quickly ramping up with past client/employer organizations, with a keen ability to quickly learn security policies & procedures, and protocols.
Required Skills -1. Server/Device Hardening
2. Scripting (PowerShell)
3. Internet Information Services (IIS) for Windows Server
4. MS SQL Server
5. Automated Policy Deployments
6. GPO (Group Policies) Management
7. Configuration & Patch Management (Tanium and BigFix)
8. Vulnerability Management
9. Amazon Web Services (AWS)
10. Automation Tools (Jenkins, Gitlab, and Ansible)
11. Project Management
Job Duties -- Management the vulnerability inventory (prioritize, coordinate, close)
- Draw clear connections between identified vulnerabilities and required changes to the configuration standards in the environment to address vulnerabilities
- Ability to configure changes in environment autonomously via scripting or automation
- Collaborate across multiple functions to prioritize the completion of required changes
- Analyze and provide recommendations on best course of action to address vulnerabilities
- Maintain pristine documentation of body of work
- Follow established change management and release management protocols
Job Requirements -- Undergraduate degree (BS) in technology related fields, e.g., computer science, cybersecurity, EMIS, systems engineering, electrical engineering, etc. or equivalent experience
- Self-starter with exceptional follow through and time management skills
- 5-8 years of relevant Information Security experience
- Experienced with On-Premise and AWS hosting environments
- Deep expertise with Windows OS, Windows Registry, Microsoft IIS, SQL server, Windows server (understanding of their configuration standards)
- Knowledge of powershell scripting
- Understanding of security principles and network communication models and corresponding protocols
Desired Skills & Experience -- Working knowledge of Mitre Attack Framework
- Working knowledge of Center for Internet Security (CIS) framework
- SANS Institute certificates are a plus
- Security+ from CompTIA
- GIAC Security Essentials (GSEC)
- Certified Ethical Hacker (CEH)
- CISA (Certified Information Security Associate
- CISSP (Certified Information Systems Security Professional)
- CASP+ (Certified Advanced Security Practitioner)
- CMPIC (CM Principles & Implementation Certification)
- SSCP - Systems Security Certified Practitioner
"
]