Information Security Engineer

Information Security Engineer- very competitive base salary plus 10% bonus and excellent benefits

This is a perm position and would be ideally situated in Warren, PA, but a greater Boston, MA north location is also a possibility.

LOCATION: Warren, PA or Boston, MA

JOB DESCRIPTION

  • Design security solutions and provide recommendations for technical programs and projects
  • Conceive of and propose new approaches to: significantly enhance or modify the configuration or functionality of intranets, firewalls, servers, applications, remote access, databases, and other important parts of the information systems infrastructure; allow greater standardization and more effective management of information security measures
  • Evaluate and recommend the application of security methodology for new, emerging, or existing technology, such as smart cards and encryption
  • Assist with the selection, installation, and adoption of automated tools that enforce or monitor the compliance with information security policies, procedures, standards, and similar information security requirements
  • Review proposals for outsourcing business activities to determine whether security controls would be compromised in the course of outsourcing the proposed activities
  • Facilitate the integration of security architecture and strategies into programs and projects
  • Provide special technical guidance to the Information Technology Department staff about the risks and control measures associated with new and emerging information systems technologies
  • Participate as a technical advisor for a variety of ad-hoc information security projects that will be dictated by current business and technological developments
  • Provide in-depth technical advice for investigations of information security incidents including internal frauds, hacker break-ins, and system outages
  • Documentation of information security incidents as well as the analysis of the circumstances enabling or permitting these same incidents to take place
  • Participate on a Security Incident Response Team (SIRT) that responds to various security incidents such as denial of service attacks, virus infestations, and internal frauds
  • Conduct security reviews and risk assessments of applications and infrastructure with industry standard tools and methodologies
  • Perform vulnerability scans and internal penetration tests on a regular basis; ensures remediation of critical and high items
  • Maintain awareness of up-to-date threats and vulnerabilities and their respective countermeasures
  • Stay informed about the latest developments in the information security field, including new products and services, through on-line news services, technical magazines, professional associations, industry conferences, training seminars, and other information sources

QUALIFICATIONS

  • Bachelor Degree in Computer Science, Information Systems, Engineering, or an equivalent combination of education, training, and experience.
  • 3+ years experience supporting security-based devices (firewalls, intrusion detection systems, port scanners, vulnerability scanners, sniffers, malware management systems, email filters, encryption technology and software)
  • 3+ years experience supporting PCs, OS, and peripherals including server hardening
  • 3+ years experience with configuration and implementation of routers, switches, intranets, and VPNs including network device hardening
  • 4+ years conducting Information Security risk analysis/ assessments and application reviews, and providing recommendations
  • Demonstrated knowledge of information security concepts and methodologies, as well a practical understanding of security principles such as authentication, authorization, access controls, and protection strategies.
  • Demonstrated experience in computer/network security, operating systems such as Windows, LAN/WAN networking protocols such as TCP/IP, firewalls, IDS/IPS, PKI, and encryption
  • Experience performing external and internal vulnerability and penetration testing
  • Demonstrated experience working with information security related risks, as well as regulatory, audit, and compliance requirements, such as PCI DSS 3.0
  • Experience administering information security programs including risk assessments and forensic research, designing security architectures, developing policies, gathering metrics, and reporting status
  • Demonstrated ability to interface effectively and collaborate with clients, peers, vendors, and management to develop solutions and ensure stakeholder buy-in
  • Demonstrated ability to mentor and train junior security analysts in risk assessments, security reviews, internal controls, general controls, application controls, and related business communications.
  • Must demonstrate excellent business mastery, including the ability to integrate work across relevant areas, develop the business and services to enhance customer satisfaction and productivity, manage risks and safety appropriately, manage information, and provide exceptional service to internal and external customers.
  • Must demonstrate excellent management mastery, including effective resource and project planning, decision making, results delivery, team building, and staying current with relevant technology and innovation
  • Must demonstrate strong personal mastery, including ethics, influence and negotiation, leadership, interpersonal skills, communication, the ability to effectively manage stress and engage in continuous learning.

Preferences for candidates with:

  • CISSP Certification, CISM Certification, and/or CISA Certification• IT and PCI DSS 3.0 Audit experience• Experience working as an external consultant• Experience with IBM iSeries security configurations• Expertise with secure application development concepts and practices

Technologies utilized:

Cisco ASA/routers/switches; AWS; Nexus; IBM QRadar Security Intelligence platform; Trust Wave PCI Compliance ; Core Impact penetration testing

If interested and more importantly qualified, send updated resume with contact info ato vince@techedgerecruiting.com and you will be contacted immediately.

Unfortunately, Visa sponsorship or transfer NOT available for this position.

Out of State candidates considered-Relocation offered for qualified candidates.

Advertisements

About vinceter1

Onthe company side: TechEdge Recruiting delivers with a one on one approach to staffing technical hiring needs for clients throughout New England. With over 15 years of relative industry experience, we will deliver Quality versus Quantity. We have full life cycle recruiting expertise to provide you with a seamless and confidential process from initial interview set up through salary negotiations. We will respond quickly to your planned and unplanned staffing needs. In fact, we often present candidates that you may miss in your internal recruiting efforts. We thoroughly screen and extensively check credentials and references to present candidates who best match your business needs, functional requirements, and company culture. Then, we handle negotiations and monitor satisfaction. We have a diverse client base to draw from in various industries which includes High Tech, Financial Services, Life Sciences, Retail, Manufacturing, Healthcare and Government. Our goal is to provide companies with the talent they need to grow and to enhance the careers of the candidates we represent. We provide the best-suited candidates for you to screen based upon your requirements. We become a partner with your organization to provide you with the most compatible fit for your specific needs. We will make sure each candidate is well informed and qualified for your position. Companies turn to us for our expertise in understanding exactly what they seek (and because we take the time to learn what our candidates seek). We take pride in offering the most effective and discreet placement services available. Because of that, we are able to attract top notch, technology savvy, bright individuals and help them grow in great companies. You pay us NO FEE unless or until you hire our candidate. Expertise in the following areas: Database Administration/Development-Oracle, SQL Server Desktop/Help Desk Support Network & Infrastructure Engineering-LAN/WAN/SAN, Security, Firewalls, Messaging System Administration-Unix or Windows based, Linux Web Development/Software Engineering SAP/Peoplesoft Consultants SharePoint Developers, Administrators, Analysts & Architects On the Candidate side: TechEdge Recruiting works with Information Technology professionals using a one on one approach to assist in attaining your career goals. Our services are effective and discreet. We have a diverse company client base in various industries which include High Tech/Software, Financial Services, Life Sciences, Retail, Manufacturing, Healthcare and Government. Companies turn to us for our expertise in understanding exactly what they seek because we take the time to learn what our candidates seek. We are results oriented and pride ourselves in elevating the careers of talented people. We do this while helping View all posts by vinceter1

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

TechEdge Recruiting Blog

Quality versus Quantity

Captain Kirk's Fishing Blog

Quality versus Quantity

%d bloggers like this: