SYSTEMS SECURITY ENGINEER Job in Norcross 30092, Georgia US
SYSTEMS SECURITY ENGINEER
Location: Norcross, Ga 30092
Employment Type: Full Time, Employee
This is a Senior level Engineer not Staff level.
Senior Systems Security Engineer
The Systems Security Engineering team is peers and partners with Platform Engineering (Windows, Unix Virtualization (ESX) as well as Network Security Engineering (firewalls, network IDS/IPS etc.,) and is responsible for championing the security throughout the solutions development life cycle and providing SME support on various security topics such as with Access Control, Identity Management, Security Tools such as FIM, Configuration Compliance and similar controls.
Working with Platform Engineering, Development, Product and other Infrastructure Services teams, the Sr. Systems Security Engineer will deliver an infrastructure solution that is technically sound, resilient to failure, operationally supportable, one that meets the requirements of the business, including any special compliance requirements, and mainly Fiserv Information Security standards.
The ideal candidate will exhibit strong leadership skills, will be forward thinking, and will be able to work effectively in a diverse, highly talented team, continuously striving for excellence.
RESPONSIBILITIES
Participate in new build or retrofit compliance in an existing environment to meet the information security needs of the business
Develop and sustain working relationships in a matrix team environment consisting of a variety of infrastructure engineering, development groups and client relationship groups
Create high quality documentation at both high-level (MS Visio type systems diagram) to low-level (procedure level/cook books) of solutions created/implemented.
Day to day interaction with security technology providers, internal and external auditors, assessors, platform engineers (Windows, Unix and ESX) and Security Engineers with Security Operations groups in addressing their security needs
Represent security during internal and external assessments; explain systems, control and audit procedures, collect/show supporting evidence enabling a successful audit.
o If exceptions are found, devise a mitigating control and implement the same
Role sometimes requires scheduling and attendance on overnight and/or weekend maintenance windows.
Analyze and interpret results of security controls such as vulnerability scan reports, CIS hardening scan reports as well as provide recommendation for remediation of identified risks.
Participation in disaster recovery exercises, pre-production certification testing and troubleshooting events
Accountable for resolving all project level, cross-functional, partnership issues and appropriate escalations.
Architect, engineer, sustain support security tools such as Qualys, SecureWorks, Symantec, CA, Tripwire, SafeNet, RSA
Create or help create statements of work (SOW), project scope documents, project plans, business cases, and formal technical solutions recommendations.
Develop and execute status reporting, risk mitigation plans and readiness levels.
Willingness and capability of quickly learning new technologies required for accomplishing project goals.
FUNCTIONS
High organizational skills
Ability to handle multi-tasks and meet deadlines
Ability to work efficiently and productively without direction or guidance
Capable of exercising extreme discretion and independent judgment
Ability to handle extremely confidential information in a professional manner
Ability to communicate, both verbally and written, with a high level of confidence
Travel ? 10% of the year
Strong MS Office skills including MS Visio
EDUCATION and EXPERIENCE
Masters or Bachelors Degree in Computer Science or related technical field
7+ years of experience, preferably in a technology service industry
SKILLS
Ability to design and deploy tools such as Symantec Critical Server Protection (CSP), CA eTrust Access Control, Tripwire, Qualys Guard
Hands-on management of a security system comprising of server systems and 1000s of agents e.g. Tripwire/Symantec CSP Console with 1000+ agents
Understand all layers of TCP/IP, vulnerabilities associated with each layer, mitigation techniques e.g. SSL v2 vulnerable to MiM attacks, provide mitigation recommendations
working knowledge of IDS/IPS systems such as snort, ISS Proventia/Real sensor or similar tools
ability to deploy, configure, manage, maintain, test, patch and destroy
o Windows Server and desktop OSes
o Linux/Unix flavors
o VMWare vSphere Hosts and/or Hyper-V Host
o Small switches (physical/virtual)
o Small firewalls/routers (physical/virtual e.g. Vyatta, Astaro, Checkpoint UTM devices)
o Web servers such as IIS, Apache
o Small SAN (Fiber/iSCSI)
o SSH services (ssh-keygen, key based authentication etc.,)
o Group Policy Objects (GPOs)
o Active Directory Forests, Domains, trust-relationships
o Proxy Servers such as squid/MS ISA/TMG
o Metasploit, core-security or similar tools
Basic/intermediate Networking knowledge such as IP addressing, sub-netting, routes, VLANs, Trunks, SPAN Ports, sniffers etc.,
Good understanding of encryption algorithms, protocols and technologies
Good understanding of protocols such as DNS, SMTP, FTP, telnet, r*(rsh) etc.,
Scripting experience Windows: Powershell, Unix/Linux: bash/zsh, python or similar
working knowledge of packet filters (host/network), proxy servers (bluecoat, squid etc.,)
working knowledge of SIM/SIEM tools and methodologies such as ArcSight, Loglogic, Splunk or similar open source tools
Security Certifications such as CISSP, CISM, GIAC (GCWN, GCUX)
Sysadmin Certifications on MCSE, MCSA, MCTS and/or Sun Solaris, RedHat Linux, HP-UX
Contact:
PLEASE E-MAIL RESUMES TO: Apply by Email
Open all references in tabs: [1 - 4]