Senior Information Security Engineer (100% REMOTE)
Looking for a Senior Lead who is very broad in infrastructure security. You will have a deep understanding of frameworks, heavy engineering. You lead and drive virtual meetings. Cloud, GRC, operations, applications, SIEM, Splunk, PKD, IAM, IDAM, IDS, IPS, Firewalls networking etc
The security engineer is responsible for implementing, maintaining, monitoring and managing secure solutions. The security engineer delivers these solutions in accordance with architectural designs, best practices, and regulatory or compliance requirements. As risks change, the security engineer is responsible for recommending modifications and enhancements to ensure the organization is evolving with the threat landscape. It is important to recognize the senior nature of this role and the expectations regarding innovation, self-motivation, and initiative as they pertain to securing the environment. This role will partner and coordinate with other teams outside of security, and outputs from this role will generally be the result of complex analysis, research, and thoughtful innovation.
Knowledge & Skills:
- provided by Dice
Highly technical and analytical expertise, with a proven deep background in secure technology design, implementation and delivery. This individual must be comfortable providing metrics, analysis, and quantitative/qualitative evidence when necessary to drive a security outcome.
Familiar with cloud technologies such as AWS, Azure, ====P. Comfortable with a scripting language such as Python, PHP, or Ruby. Familiarity with SQL and SPL.
Broad understanding of Systems Security Engineering, NIST security domains, risk processes, and overall security architecture/design as it pertains to the engineering of trustworthy systems. Familiar with regulatory requirements and industry control frameworks such as PCI DSS, GDPR, ISO 27001/27002, SP 800-53, and DoD CMMC.
Familiar with Microsoft Windows, MacOS, and other enterprise-grade operating systems such as Red Hat Enterprise Linux, Windows Server, and SUSE Linux.
Intermediate to advanced understanding of networking and network devices, such as routers, switches, load balancers, and associated protocols.
Extensive knowledge of traditional security controls and technologies, such as Security Information and Event Management (SIEM) systems, intrusion detection/prevention systems (IDS/IPS), public key infrastructure (PKI), identity and access management (IDAM) systems, antivirus, and firewalls. Deep familiarity with newer technologies/offerings such as endpoint detection and response (EDR), threat intelligence platforms, security automation and orchestration (SOAR), deception technologies, and application security controls are highly valuable and will ensure the candidate holistically approaches enterprise security opportunities.