InfoSec Engineer
Ref No.: 17-01558
Location: Irving, Texas
Position Type: Full Time/Contract
Start Date / End Date: 05/03/2017 to 12/31/2017
Paladin Consulting is currently hiring an InfoSec Engineer to join our team working onsite at our client's office located in Irving, TX.

We work with companies that offer environments for our employees to contribute, learn, and advance their career. We treat you like you are part of the family.

Job Title: InfoSec Engineer
Work Location: Irving, TX
Duration: Long term Contract
Education/Experience Required: BS required, preferably a degree in computer science, engineering, cyber security, or a related subject

Job Description & Responsibilities:
  • SIEM (Security Information and Event Management): Must have experience extracting pertinent security data, setting up SIEM solutions and troubleshooting connectivity issues.
  • Install and maintain SIEM, IPS, DLP and APT tools like RSA Netwitness, Cisco Sourcefire, McAfee DLP, Whole Disk Encryption, BeyondTrust, Shavlik, Cylance, Proofpoint Email Gateway, Skyhigh, Landesk MDM, BCWipe, Tripwire, Cloudvisory
  • Monitor system logs, SIEM tools and network traffic for unusual or suspicious activity. Interpret such activity and make recommendations for resolution with the help of InfoSec Team Lead
  • Firewalls/IPS/IDS – Must have in-depth knowledge of how they work and are used to protect an enterprise
  • Excellent understanding of PKI Technologies, Keys and Certificates Management, IdM (NetIQ), multi-factor authentication
  • intrusion incidents, conduct forensic investigations, and mount incident responses
  • Collaborate to create robust authentication, authorization, and encryption solutions that can be verified to implement company's Information Security Policy
  • Evaluate new technologies and processes that enhance security capabilities in the areas of data classification and handling, DLP, IDS/IPS, end-point protection (mobile and desktop), monitoring, incident management, etc.
  • Ensure appropriate security access and protection against unauthorized access, modification, or destruction
  • Understanding of encryption, hashing, secure random number generation, key derivation, digital signatures, etc.
  • Knowledge of network based, system level and application layer attacks and mitigation methods, and TCP/IP, HTTP/S, and related protocols.
  • Have working experience and knowledge of UNIX and Linux (Red Hat, CentOS) operating systems and Windows 2012 & 2016 operating systems
  • Test security solutions using industry standard analysis criteria
  • Deliver technical reports and formal papers on test findings
  • Respond to information security issues during each stage of a project's/incident's lifecycle
  • Provide technical security advice
  • Implement or coordinate remediation required by audits, and document exceptions as necessary
  • Perform installation and configuration management of security systems and applications, including policy assessment and compliance tools, network security appliances and host-based security systems
  • Collate security incident and event data to produce monthly exception and management reports
  • Report unresolved network security exposures, misuse of resources or noncompliance situations using defined escalation processes.
  • Assist team members in the use of security tools, the preparation of security reports and the resolution of security issues.
  • Research, recommend, evaluate and implement information security solutions that identify and/or protect against potential threats, and respond to security violations with the help of Infosec Team Lead
  • Recommend, schedule and/or apply fixes, security patches and any other measures required in the event of a security breach
  • Test and recommend security measures to reduce and mitigate risk
Skills & Qualifications:
  • BS required, preferably a degree in computer science, engineering, cyber security, or a related subject
  • 3-6 years' experience implementing Security solutions

Hands on, direct experience with:

  • Experience with a broad range of security technologies, including NextGen Firewalls, DLP, NAC, IDS/IPS, IdAM, Certificate Management, SIEM, Endpoint Protection, Anti-malware, vulnerability management
  • SIEM Technologies (RSA Netwitness, ArcSight, QRadar, etc.)
  • IDS/IPS, penetration and vulnerability testing
  • Working experience with industry frameworks (ISO 27001, ISO 27002, NIST 800-171)
  • Strong knowledge of technology and security topics including network security, wireless security, application security, infrastructure hardening and security baselines, web server and database security
  • Knowledge of network infrastructure, including routers, switches, firewalls, and associated
  • Working technical knowledge of current systems' software, protocols and standards.
  • Must have strong knowledge of TCP/IP and network administration/protocols.
  • OWASP Top 10
  • Vulnerability/Risk Assessment
  • Firewall and intrusion detection/prevention protocols
  • Load Balancing (F5)
  • Secure coding practices, ethical hacking, and threat modeling
  • Windows 2012/2016 Active Directory
  • Virtualization technologies (VMware)
  • OracleSQL/MSSQL database platforms
  • Identity and access management principles
  • Application security and encryption technologies
  • Secure network architectures
  • Encryption technologies and standards
  • Network and Web-related protocols (e.g., TCP/IP, UDP, IPSEC, HTTP, HTTPS, routing protocols, etc.)
  • Advanced Persistent Threats (APT), phishing and social engineering, network access controllers (NAC), gateway anti-malware, and enhanced authentication
  • Reverse Engineering of Malware (OllyDbg, IDA Pro, Assembly Language, etc.)
  • Ability to write security rules (Snort, Yara)
  • Scripting tools such as PowerShell, Python, RegEx
  • One or more Security certifications demonstrating current knowledge, such as GIAC, CISSP, CEH
  • Ability to deal with stress and commit to resolving issues if/when incidents occur
  • Excellent problem-solving capabilities
  • Excellent written and verbal communication skills to make executive-level presentations to stakeholders and organizational leadership

Preferred Skills: (A minimum of 4 is required)

  • RSA SIEM (Netwitness), Sourcefire, Tripwire, Cloudvisory
  • McAfee DLP, Whole Disk Encryption (WDE), BeyondTrust
  • Proofpoint Email Gateway, McAfee Web Gateway, Cylance
  • Veracode, Netsparker, Metasploit, Nexpose, Reverse Engineering of Malware, Pentest
  • PKI, IdM (NetIQ), Multi-Factor, Thales HSM, Venafi
  • Skyhigh, Landesk MDM, BCWipe, Shavlik

For more information or to view other opportunities, visit us at www.paladininc.com.

Paladin is an EEOC employer. We drug test and background check!