Senior Security Engineer
Palm Beach, Florida
|Job Industry:||Information Technology / Telecommunications|
Estimated Duration: 1 year with possible extension.
Onsite: On location at the Client’s site 100% of the time. No telecommuting or remote work.
Description: Our Client, a government agency, is hiring a Senior Security Engineer in Palm Beach, FL.
• Evaluate, design, implement, operate, and maintain information security technologies, including: Firewalls, Intrusion Prevention Systems, Email Security Gateways, Web Security Gateways, Web Application Firewalls, Vulnerability Management Tools, Security Incident and Event Management Systems, Anti-Malware Solutions, Remote Access VPNs, and Encryption technologies;
• Provide 24x7 on-call support for IT security infrastructure on a rotational basis;
• Evaluate, design, and implement technical and procedural controls to assure the client’s compliance with relevant laws, regulations, policies, and standards;
• Analyze and respond to real-time and archived intrusion, vulnerability, and audit data;
• Perform risk assessments on IT products and services and make appropriate recommendations;
• Develop and implement security test plans, compensating controls, policies, and procedures;
• Maintain awareness of up-to-date threat and vulnerability profiles, including related countermeasures;
• Protect the client's information assets by proactively identifying and mitigating risk;
• Execute IT security projects and tasks with minimal oversight;
• Perform other related duties as assigned.
• Experience in IT (7+ years);
• Experience in Information Security Engineer role (5+ years);
• Experience applying information security standards and frameworks from NIST, CIS, ISACA, etc.;
• Experience administering and securing Windows workstations and servers (certification preferred);
• Experience with Network Vulnerability Testing Tools (ex. Nessus, Retina, NeXpose, etc.), Security Incident and Event Management (SIEM) Systems (ex. LogRhythm, ArcSight, etc.), Web Security Gateways (ex. Websense, Blue Coat, etc.), Firewalls (Check Point experience and certification preferred), Intrusion Prevention/Detection Systems (IPS/IDS), Email Security Gateways (anti-spam systems), Antivirus Software (ex. SEP), Malware Removal Tools (ex. Malwarebytes), Remote Access VPNs, and Encryption solutions;
• Experience with a wide range of standard concepts and protocols along including their security implications (TCP/IP, DNS, DHCP, NTP, HTTP, FTP, SSH, TLS/SSL, IPsec, RADIUS, Kerberos, LDAP, SNMP, SQL, OSPF, BGP, VLAN, 802.1x, 802.11, VPN, NAT, and PKI);
• Experience with information security compliance audits (ex. PCI, SOX, HIPAA, NERC, FISMA, etc.);
• Experience securing UNIX/Linux servers (preferred);
• Experience securing network infrastructure (preferred);
• Experience securing SQL Server and Oracle databases (preferred);
• Experience securing web-based applications (preferred);
• Experience deploying and configuring application security technologies, including: Web Application Firewalls (ex. Imperva, Barracuda WAF, etc.), Application Vulnerability Testing Tools (ex. AppScan, Burp Suite, etc.), and Application Whitelisting solutions (ex. Bit9, AppLocker, etc.) (preferred);
• Experience developing security awareness training materials (preferred);
• Scripting experience (Bash, Python, etc.) (preferred);
• Penetration testing experience (preferred);
• Information security certification (CISSP, CISA, GSEC, CEH, etc.) required;
• B.S. in Computer Science (or related field) or 10 years of experience.
Please feel free to apply directly and contact me with your questions at email@example.com or (954) 376-6034
Vitaver & Associates, Inc. is an equal opportunity employer. It is the Company's policy to make all employment decisions including hiring, promotion, compensation, benefits, termination and others, without regard to age, race, color, religion, national origin, sex, disability, veteran status, or any other protected status in accordance with applicant federal, state, and local laws.