Security Engineer II

• Design, build, test, and deploy new security technologies, which include the development of the operational manual and run books
• Provides technical security operations engineering services to support and update existing security systems and works to automate processes related to security implementations, monitoring, and enforcement
• Investigates, recommends, evaluates, deploys, and integrates operational security tools (e.g., SIEM, vulnerability scanning) and techniques to enhance protection of corporate assets and infrastructure
• Participate in technical risk assessments and security exposure analyses of systems, networks, and business applications
• Analyzes network security elements and overall network security architectural designs to ensure secure and optimal system and network performance and cost-effectiveness
• Oversees the installation, configuration, and supportive processes of security technologies
• Participate in or lead the Incident Response activities
• Interacts with internal and external clients on security operations requirements, identifies security processes, and develops strategies/solutions to security issues
• Keeps fully abreast of trends and changing technologies as they relate to IT, Network Engineering, and Information Security fields
• Lead or assist in periodic or ad-hoc security reports that provide relevant situational awareness to our senior stakeholders
• Monitor and manage our networks and infrastructure environment for attacks, malicious software, and possible intrusions, which includes the follow-up of complete remediation of infected systems
• Administer and tune SIEM platforms to improve threat detection and response
• Conduct vulnerability assessments and manage remediation to mitigate risks
• Required to be on-call (after hours) per the established rotational schedule
• Implement changes to our security technologies/infrastructure in accordance with standard and change control policies/procedures
• Evaluate, implement, tune, and operate Security Solutions such as IPS, vulnerability scanning tools, and SIEM systems

• Bachelor’s Degree in Computer Science, Information Systems, or related field, or equivalent experience
• Minimum 3 years of IT relevant experience or equivalent combination of experience plus at least 1 year of experience performing Security Engineering/Planning/Operations, preferably with SIEM or vulnerability management
• Experience in medium to complex computing environments, with advanced knowledge in security technologies and services
• Hands-on experience with at least two or more of the following Enterprise Security Technologies: Network Intrusion Prevention/Detection
• Virtual Private Networks
• SSL, IPSec, and Site-to-Site
• Enterprise-Class Stateful Inspection Firewalls
• Network Access Controls in context to Identity Management
• Windows Server OS & Desktop OS
• Network Packet Inspection
• Directory Services including LDAP, AD, and Secure Authentication Technologies
• SIEM platforms (e.g., Splunk, ArcSight)
• Vulnerability management tools (e.g., Nessus, Qualys)
• Experience in implementing Information Security technologies and/or processes required
• Experience in defining Information Security strategies and frameworks

CompTIA Cybersecurity Analyst (CySA+), CISSP, CISSP-ISSAP, SANS, or other professional certification applicable to security engineering are preferred