We are a well-established, technology driven firm that caters to the finance industry and we are looking to add a talented, curious-by-nature an experienced Senior Security Engineer to join our growing team.
The Security Engineer will be responsible for security monitoring, network and applications security, systems access control, identity and access management, penetration and vulnerability assessment, analysis and reporting, forensics and investigation. Salary $80-100K + excellent benefits.
Essential Duties and Responsibilities:
- Ensure availability of critical systems
- Prevent critical data loss
- Conducts technology and system assessments, provides technical consultation and ensures system security functionality
- Automate testing tools
- Improve security infrastructure and reporting
- Influence security architecture
- Support compliance and audit activities
- Review log files across the networks.
- Perform regular information security procedure reviews and system attestations to ensure accuracy and compliance for internal and external audit.
- Providing advanced operations and engineering support for critical security systems and services including Windows servers, endpoint security, computer forensics, vulnerability/penetration assessment/mitigation, and security event management (SIEM).
- Monitor and maintain security systems in accordance with company policies.
- Evaluate and correct corporate security violations and breaches and report such violations as necessary.
- Assist with all security technologies and services, including protection services, perimeter defenses, and physical and logical access control.
- Participate in technology and system assessments, provides technical consultation and ensures system security functionality
- Respond to system security weak points, work with other teams and third party vendors to resolve security issues
- Develop creative improvements to security system capabilities
- Provide advanced application level support for the resolution of security system faults
- Respond to security incidents and report on incident handling and resolution
- Assess the appropriateness and effectiveness of security measures and recommend enhancements.
- Participate in post-mortem investigation of security incidents and prepare security incident reports documenting the findings
- Design, implement and support security-focused tools and services
- Work on various special projects as needed
Other duties as assigned
Curiosity and creativity in breaking and defending modern web applications
Scripting skills to develop and improve security and user data analysis tools
Comfort with network, server, and application log analysis and correlation
Working experience and knowledge of Windows operating systems web servers
Be results oriented, highly energetic and self-motivated
Ability to confidently and simply explain technical security issues without hype or buzzwords
Demonstrate outstanding teamwork skills
Have the ability to work with technical and non-technical business owners to get things done
Have the ability to handle multiple competing priorities in a fast-paced environment
- Strong understanding and working knowledge of networking and web technologies, identity and management systems, forensics, incident response, and investigation.
- Proven ability to share knowledge, resolve conflict, create consensus, and lead complex projects.
- Proven ability to plan, test, and implement security controls.
- Comprehensive knowledge of IDS/IPS, NextGen and applications firewalls, VPN, DLP, data encryption, SIEM, vulnerability and penetration testing, Windows and database security.
- Ability to react quickly in a fast paced, rapidly changing environment.
- Strong ability to take ownership of assigned tasks and responsibilities.
- Must display high level of critical thinking in order to weigh alternatives and present solutions that are consistent with requirements.
- BS in technology-related or information security-related curriculum or equivalent work experience required.
- Minimum of 5 years of experience providing network, applications, and systems security administration services in a mission critical environment required.
- Experience implementing network, applications, and systems security and incident response operational policies and procedures at an enterprise level required.
- Understanding of advanced security protocols and standards, including a demonstrated ability to perform complex analysis and producing information security metrics preferred.
Experience with the following: Application and network security testing tools, intrusion detection and prevention tools, event correlation tools. Strong understanding of modern web application security.
- Knowledge of information security frameworks and industry regulations (NIST, ISO, CoBIT, PCI, SOX).
- CISSP or other security certifications a plus
Ability to travel 20%
Must have a valid driver's license with good driving history
At Insight Recruitment we specialize in the placement of Information Technology (IT), Biotechnology & Life Science, and Executive professionals in all varieties of industries & disciplines.
Offering a boutique style service, we have grown organically over the years through word of mouth referrals and have become the Agency of Choice for companies who need the right talent to join their firm.
Our Services Include: Direct hire, Contract or Contract-to-hire.
We have served a wide variety of firms in the Midwest and nationwide since 1998 and as a result we have come to truly know our client's culture, their business demands and subsequently their hiring needs. Everything is evolving in today's marketplace and the most innovative professionals are driving this market. The success of your company relies on how you can attract, engage and hire these people: this is where we can help.
A Dynamic Approach
"Over 85% of our business comes from referrals; that's a powerful testament to the quality of service we deliver. Companies want to be truly heard and understood when they are working with an agency to help them find and secure the best talent available. Many come to us because they're tired of the larger nationwide chains only providing mediocre candidates, and they want better results.
And that is what every company receives with us: better results."
- Kinga Wilson, Search Consultant and Owner of Insight Recruitment