Sr. IT Security Engineer

Seasoned Sr. IT Security Engineer orchestrating comprehensive security strategies, implementing robust measures, performing audits, and leading initiatives to fortify systems and mitigate risks against evolving cyber threats.

Responsibilities
• Analyze and report organizational and system security posture and design architecture and frameworks.
• Assess adequate access controls based on principles of least privilege and need-to-know and the effectiveness of security controls.
• Assess all the configuration management (change configuration/release management) processes.
• Ensure all systems’ security operations and maintenance activities are properly documented and updated as necessary.
• Ensure cybersecurity-enabled products or other compensating security control technologies reduce identified risk to an acceptable level.
• Implement system security measures in accordance with established procedures to ensure confidentiality, integrity, availability, authentication, and non-repudiation.
• Mitigate or correct security deficiencies identified during security/certification testing and/or recommend risk acceptance for the appropriate senior leader or authorized representative.
• Perform security reviews, identify gaps in security architecture, implement security measures to resolve vulnerabilities, mitigate risks, help develop a security risk management plan, and recommend security changes to systems as needed.
• Properly document all systems security implementation, operations, and maintenance activities and update as necessary.
• Provides cybersecurity recommendations to leadership based on significant threats and vulnerabilities.
• Verify and update security documentation reflecting the application/system security design features.
• Verify minimum security requirements are in place for all applications.

Skills
• Knowledge of business continuity and disaster recovery continuity of operations plans.
• Ability to serve as the primary liaison between the CISO organization, IT, and system owners.
• Knowledge of the application firewall concepts and functions (e.g., single point of authentication/audit/policy enforcement, message scanning for malicious content, data loss prevention, SSL security, REST/JSON processing).
• Knowledge of network access, identity, and access management (e.g., public key infrastructure, Oauth, OpenID, SAML, SPML).
• Skill in assessing security controls based on cybersecurity principles and knowledge of how to use network analysis tools to identify vulnerabilities.
• Knowledge of the enterprise information technology architectural concepts and patterns (e.g., baselines, validated design, and target architectures.)
• Knowledge and working experience in managing Azure, O365, Active Directory, domain resolution, etc.
• Experience in Windows server solutions; including OS installation, domain configuration, and AD architecture (GPO, AD schema, certificate-based authentication, PKI, etc.).
• Knowledge of information technology security principles and methods (e.g., firewalls, demilitarized zones, encryption, OSI model, etc.) and networking (e.g., TPC, IP, VPN, DHCP, etc.).

Communications/Leadership
• Excellent communication – oral, written, and interpersonal skills.
• Strong analytical and problem-solving skills.
• Ability to develop effective and cooperative working relationships across multiple areas.

Education/Technology
• Bachelor's degree in Computer Science, Management Information Systems, or a related field.
• Advanced degree desirable.
• CISSP, GIAC, CompTIA Security+ or other security certifications desired.