Information Security Systems Engineer (Azure Cloud)

Description

• Configure resources to detect vulnerabilities to operating systems, applications, databases and the network infrastructure components. Detect, enumerate and classify major vulnerabilities, perform trend analysis and reporting for the Enterprise through the use of vulnerability assessment tools and methodologies.
• Evaluate the results from intrusion detection devices used for monitoring and reporting of network traffic for analysis of unwanted manipulation to systems, malicious network traffic, network attacks against vulnerable services, data driven attacks on applications, host based attacks or unauthorized access to sensitive data.
• Schedule and maintain security operations management of operating systems, security applications and network infrastructure components. Provide security configurations, controls for monitoring and centralized logging for network and server devices.
• Coordinate resources for auditing of applications, operating systems and networks to provide a measurable technical assessment that includes, performing security vulnerability scans, reviewing access controls and analysis to ensure availability, confidentiality and integrity to help the organization meet internal and external regulatory compliance.
• Have the ability to formulate and interpret penetration test information results for the enterprise. Manage vulnerability detection, analysis and exploitation remediation to ensure confidentiality, integrity and availability of mission critical information assets.
• Mentor junior engineers in security knowledge and experience in technologies and methodologies as it relates to Security Information and Event Management (SIEM) devices, firewalls, proxies, access controls, encryption, networking, scripting, auditing, vulnerability assessments, intrusion management and operations. Additionally to assist with effective research, data gathering, analysis, metrics reporting and communications.
• Provide guidance using specialized knowledge and toolsets to operational teams during enterprise wide crisis scenarios outside of the routine change management process or production scope.
• Have experience with enforcement of information security policies and procedures. Familiarity with information security standards such as NIST, ISO, COBIT, and associated security controls.
• Must be self-directed with the ability to work independently to meet deadlines and produce quality work in a time-sensitive, fast-paced environment.
• Designs and implements new technologies, frameworks, and platform improvements. Serves as subject-matter expert for application security, engaging, collaborating, and advising on application security and application security analytics practices, standards, and methods.
• Reads memory dumps and analyzes log files for patterns. Uses tools to analyze code and looks for problems, including Veracode and SonarQube.
• Reads and delivers business and technical requirements while searching for opportunities to group capabilities into frameworks, suggest innovative solutions, and leverage existing technologies.
• Provides oversight and assurance for assessment of enterprise applications, including web, cloud, and mobile applications to deliver secure and robust solutions.
• Builds tests which validate key capabilities or fragile code and builds automated functional and integration tests.
• Performs analysis of software code repositories, applications, code designs, processes, and implementation from a security perspective.
• Works with development and infrastructure members to identify and resolve security issues in context of any potential compensating controls (WAF, IPS, IDS, ML, AI, NBA, EUBA, CASB).
• Works with software developers to integrate application security from group up for build and assurance processes.
• Formulates and interprets penetration test information results for the enterprise. Manages vulnerability detection, analysis, and exploitation remediation to ensure confidentiality, integrity, and availability of mission critical information assets.
• Provides guidance using specialized knowledge and toolsets to operational teams during enterprise wide crisis scenarios outside of the routine change management process or production scope.
• Performs other duties and projects as assigned.

• Proven experience with Azure Cloud-based security engineering and hands-on implementation on security technologies
• Strong knowledge of Azure services, including VMs, Azure SQL Database, Azure Functions, and Azure Networking (Required)
• Demonstrates knowledge of, adherence to, monitoring and responsibility for compliance with state and federal regulations and laws as they pertain to this position.
• Demonstrates comprehensive understanding of security methodologies.
• Demonstrates comprehensive knowledge of networking components (routers, switches, load balancers, wireless access points); client/server relationships; relational databases and structured query language; encryption algorithms and ciphers (PKI/SSL); malicious code (works, viruses spyware, etc.); Virtual Private Networking; and multi-tier environments).
• Comprehensive understanding of Security Methodologies.
• Experience with reverse engineering of malware.
• Advanced experience with TCPIP/UDP/ICMP.
• Comprehensive knowledge of the OSI Reference Model.
• Windows / Linux / Unix operating systems.
• Advanced experience with networking components (routers, switches, load balancers, wireless access points, etc.).
• Comprehensive knowledge of firewalls, proxies, mail servers and web servers.
• Advanced experience with operational support for operating systems, applications and networks.
• Comprehensive knowledge of client/server relationships.
• Comprehensive knowledge of relational databases and structured query language.
• Advanced experience with vulnerability assessments.
• Advanced experience with intrusion management and its components.
• Comprehensive understanding of encryption algorithms and ciphers (PKI/SSL).
• Comprehensive knowledge of malicious code (worms, viruses, spyware, etc.).
• Comprehensive experience with Virtual Private Networking.
• Comprehensive knowledge of multi-tier environment.
• Advanced experience with packet inspection / sniffers.
• Advanced experience in forensics and e-discovery.
• Advanced experience in automation and scripting of applications and systems.
• Advanced experience in anomaly detection (signature / behavioral).
• Advanced experience with event and log correlation.
• Effective team management, time management, and organizational skills.
• Effective written and verbal communication skills.
• Effective analytical and problem solving skills.
• Proficient in Microsoft Office Suite products.
• Bachelor’s Degree in Information Technology, Mathematics, Business, Engineering or related fields with 5-7 years of professional experience.

• CISSP
• GIAC
• CRISC
• CEH

• Work with other passionate, purposeful, and customer-centric team members
• Aggressive earning potential with good career growth
• Inclusive, diverse, and collaborative culture where people from all backgrounds can thrive
• Extensive internal growth and professional development opportunities including tuition reimbursement
• Comprehensive benefits package including Medical/Dental/Vision
• Wellness program to support both mental and physical health
• Generous paid time off options to support work-life balance